CA API Gateway 9.1

9.4 9.1

Create Security Group (AMI)

A security group is necessary to allow communication between the CA API Gateway and Amazon Web Services.  
gateway90
A security group is necessary to allow communication between the CA API Gateway and Amazon Web Services.  
To create a new security group:
  1. Log into your AWS Management Console at https://aws.amazon.com/console
  2. Under Compute, click 
    EC2
    .
  3. Under the Network and Security section, click
     Security Groups
  4. Click
     Create Security group
     and then complete the following:
    • Security group name:
       Enter 
      SSG
    • Description:
       Enter a brief description of the group.
    • VPC:
       Accept the default value.
  5. Click 
    Add Rule 
    for Inbound and create these firewall group settings:
    Type
    Protocol
    Port Range
    Source
    Custom TCP Rule
    TCP
    9443
    Custom or Anywhere
    Custom TCP Rule
    TCP
    8080
    Custom or Anywhere
    Custom TCP Rule
    TCP
    8182*
    Custom or Anywhere
    Custom TCP Rule
    TCP
    8443
    Custom or Anywhere
    SSH
    TCP
    22
    Custom or Anywhere
    Gateway Internode
    Communication/Control
    TCP
    2124
    Custom or Anywhere
    "Custom" for the Source lets you restrict the access to only known IP addresses. If you do not wish to restrict, select "Anywhere".
    *
     Note that defining port 8182 is optional and is required only if the Enterprise Service Manager is installed. 
  6. Click 
    Create
     when done.
  7. Repeat steps 4 to 7 to create a new security group named 
    SSG DB
    1. In step 6, add this additional Inbound firewall rule:
      Type
      Protocol
      Port Range
      Source
      MYSQL/Aurora
      TCP
      3306
      <see note below>
      For the Source, select 
      Custom IP
       and then enter the Group ID from the "SSG" Security Group created above (for example: sg-705d461c (SSG)).

Content feedback and comments