A firewall utility, such as iptables, may be used to configure the firewall of Hybrid Data Pipeline host machines. The following examples show the commands for installing iptables on an Amazon Linux 2 EC2 instance and then allowing traffic on the default HTTPS ports used by the server.

Note: The commands you use may vary, depending on your Linux distribution. Consult the documentation of your Linux distribution for details.

Install, enable, and start

sudo yum install iptables-services -y
sudo systemctl enable iptables
sudo systemctl start iptables

Allow traffic on Server Access HTTPS Port 8443

sudo iptables -I INPUT -p tcp -m tcp --dport 8443 -j ACCEPT
sudo service iptables save

Allow traffic on Internal API HTTPS Port 8090 (Required for a cluster deployment)

sudo iptables -I INPUT -p tcp -m tcp --dport 8090 -j ACCEPT
sudo service iptables save

Important: The Internal API Port is not required for a single-node deployment behind a load balancer. However, if any additional nodes are added to the load balancer deployment, then an upgrade or redeployment of Hybrid Data Pipeline would be required to open the Internal API Port.

Allow traffic on On-Premises Port 40501 and Notification Server TCP SSL Port 11443 (Required for On-Premises connectivity)

sudo iptables -I INPUT -p tcp -m tcp --dport 40501 -j ACCEPT
sudo iptables -I INPUT -p tcp -m tcp --dport 11443 -j ACCEPT
sudo service iptables save
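
To confirm the rules above are actually in effect, the following added example (not part of the product documentation) parses iptables-save output and lists any of the four ports that lack a reachable ACCEPT rule. It also shows why the commands use -I: a rule appended after a catch-all REJECT never matches. The function name unreachable_ports and the sample ruleset are constructed for illustration, and the trailing REJECT rule in the sample is an assumption about a typical base ruleset.

```shell
#!/usr/bin/env bash
# Added example: audit iptables-save output for the ports opened on this page.
# Live use (same function, real rules instead of the constructed sample):
#   sudo iptables-save | unreachable_ports "$HDP_PORTS"                # running
#   sudo cat /etc/sysconfig/iptables | unreachable_ports "$HDP_PORTS"  # saved

# 8443 server access, 8090 internal API, 40501 on-premises, 11443 notification
HDP_PORTS="8443 8090 40501 11443"

# Reads iptables-save text on stdin and prints every port from $1 that has no
# effective tcp ACCEPT rule in the filter table's INPUT chain. A rule placed
# after an unconditional REJECT/DROP never matches, so it counts as missing.
unreachable_ports() {
  awk -v ports="$1" '
    BEGIN { n = split(ports, want, " ") }
    $1 ~ /^\*/ { table = $1; next }
    table == "*filter" && $1 == "-A" && $2 == "INPUT" {
      if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP")) { blocked = 1; next }
      if (blocked) next
      proto = ""; dport = ""; target = ""
      for (i = 3; i < NF; i++) {
        if ($i == "-p")      proto  = $(i + 1)
        if ($i == "--dport") dport  = $(i + 1)
        if ($i == "-j")      target = $(i + 1)
      }
      if (proto == "tcp" && target == "ACCEPT" && dport != "") allowed[dport] = 1
    }
    END { for (k = 1; k <= n; k++) if (!(want[k] in allowed)) print want[k] }
  '
}

# Constructed sample: 8443 was inserted with -I (top of chain), 8090 was
# appended with -A and landed after the REJECT, 40501 and 11443 are absent.
SAMPLE='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 8443 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 8090 -j ACCEPT
COMMIT'

printf '%s\n' "$SAMPLE" | unreachable_ports "$HDP_PORTS"
```

Running the check against both the running rules and the saved file also catches a missed `service iptables save`, since a port that is open now but absent from the saved rules will close on the next restart.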