AMQP, the Advanced Message Queuing Protocol, is an open standard for message queuing that supports flexible messaging for enterprise systems. vCloud Director uses the RabbitMQ AMQP broker to provide the message bus used by extension services, object extensions, and blocking task notifications.
Messages published to RabbitMQ include sensitive information. Exposing AMQP traffic between vCloud Director cells can be a security threat to the system and its tenants. AMQP endpoints should be configured to use SSL. AMQP ports should be blocked at the system firewall. Third-party clients that consume AMQP messages must be allowed to operate in the DMZ. Any code that consumes vCloud Director messages should be subject to audit by the service provider's security team.
For more information about RabbitMQ and how it works with vCloud Director, see the vCat-SP blog entry at https://blogs.vmware.com/vcat/2015/08/vcloud-director-for-service-providers-vcd-sp-and-rabbitmq-security.html
Protect the AMQP Service with SSL
When you configure the AMQP broker connection to use SSL, provide either of the following:
- an SSL certificate pathname
- a JCEKS trust store pathname, user name, and password
Although an Accept all certificates option is available, we do not recommend selecting it when security is a concern. Accepting all certificates without checking them opens the way to man-in-the-middle attacks.
Block AMQP Ports at the System Firewall
As noted in Network Security Requirements, several AMQP ports must be accessible on the management network. No AMQP endpoints should be accessible from public or enterprise networks.
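The two hardening points above (verify the broker's certificate rather than accepting all certificates, and keep AMQP listeners off non-management networks) can be checked from a cell or consumer host with the Python standard library. This is an added example, not VMware or RabbitMQ code; the management network 10.0.0.0/24, the `ss -tln` lines and the AMQP port numbers 5672/5671 (the IANA amqp/amqps ports) are assumptions, not values from the page.

```python
"""Added example: audit AMQP TLS settings and listener exposure (stdlib only).

Assumptions not taken from the page: management network 10.0.0.0/24,
IANA ports 5672 (amqp) / 5671 (amqps), and constructed `ss -tln` output."""
import ipaddress
import ssl

AMQP_PORTS = {5672, 5671}  # IANA amqp / amqps; assumed, not listed on the page


def amqp_tls_context(ca_file=None, accept_all=False):
    """Client TLS context a consumer would hand to its AMQP library.

    accept_all=True reproduces what 'Accept all certificates' does."""
    ctx = ssl.create_default_context(cafile=ca_file)
    if accept_all:
        ctx.check_hostname = False          # must be cleared before CERT_NONE
        ctx.verify_mode = ssl.CERT_NONE     # any certificate passes: MITM-capable
    return ctx


def audit_tls_context(ctx):
    """Return findings for a context that would let an impostor broker pass."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate not verified (accept-all)")
    if not ctx.check_hostname:
        findings.append("broker hostname not checked against certificate")
    return findings


def audit_listeners(ss_lines, management_net):
    """Flag AMQP sockets bound to wildcard or non-management addresses."""
    net = ipaddress.ip_network(management_net)
    findings = []
    for line in ss_lines:
        fields = line.split()                 # State Recv-Q Send-Q Local Peer
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        if int(port) not in AMQP_PORTS:
            continue
        host = host.strip("[]") or "::"       # "[::]:5671" -> "::"
        if host in ("0.0.0.0", "*", "::") or ipaddress.ip_address(host) not in net:
            findings.append(f"AMQP port {port} bound to {host}, reachable beyond {management_net}")
    return findings


# Constructed sample `ss -tln` output; not captured from a real cell.
SAMPLE_SS = ["LISTEN 0 128 10.0.0.5:5671 0.0.0.0:*",   # management address: fine
             "LISTEN 0 128 0.0.0.0:5672 0.0.0.0:*",    # plaintext, all interfaces
             "LISTEN 0 128 [::]:5671 [::]:*",          # TLS, but all IPv6 interfaces
             "LISTEN 0 128 10.0.0.5:22 0.0.0.0:*"]     # not AMQP: ignored

if __name__ == "__main__":
    for f in audit_tls_context(amqp_tls_context(accept_all=True)) + audit_listeners(SAMPLE_SS, "10.0.0.0/24"):
        print("FINDING:", f)
```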