Configuring Security Groups When iProcess Workspace (Browser) is used to Connect to iProcess Engine

To connect to iProcess Engine by using iProcess® Workspace (Browser), perform the following steps to appropriately configure security groups.

1. Start an EC2 instance in your VPC.
2. Name the created instance ec2-OracleServer and install the Oracle Database Server on this instance.
3. Start a second EC2 instance in your VPC.
4. Name the created instance ec2-iPETomcat and install iProcess Engine and iProcess Workspace (Browser) on this instance.
5. Create the following security groups for the two EC2 instances:
   - Create sg-OracleServer for ec2-OracleServer.
   - Create sg-iPETomcat for ec2-iPETomcat.
6. Configure sg-OracleServer:
   a. Specify a custom TCP rule so that only machines on an external domain can access the Oracle Database Server. (The default port is 1521.)
   b. Specify a rule on ec2-OracleServer for iProcess Engine to communicate with the database server.

| Type | Protocol | Port Range | Source | Description |
|---|---|---|---|---|
| Custom TCP Rule | TCP | 22 | Custom 192.0.2.0/32 | SSH to access the VM |
| All TCP | TCP | 0-65535 | Custom sg-iPE | To allow traffic from members of sg-iPE |
| Oracle Database Server | TCP | 1521 | Custom 192.0.2.0/32 | To access the Oracle database from an external machine |

7. Configure sg-iPETomcat:
   a. Specify a rule on ec2-iPETomcat for the database server to communicate with iProcess Engine.
   b. Specify a custom TCP rule so that only client machines on an external domain can access iProcess Workspace (Browser). (The default port is 8080.)

| Type | Protocol | Port Range | Source | Description |
|---|---|---|---|---|
| Custom TCP Rule | TCP | 22 | Custom 192.0.2.0/32 | SSH |
| All TCP | TCP | 0-65535 | Custom sg-OracleServer | To allow traffic from members of sg-OracleServer |
| Custom TCP Rule | TCP | 8080 | Custom 192.0.2.0/32 | Apache Tomcat Server - To connect to iProcess Workspace (Browser) |
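
As an added example (not TIBCO's or AWS's code), the Python below transcribes the two rule tables as written and evaluates them the way security group ingress rules work: inbound traffic is denied unless some rule matches. The `RULES` layout and the `is_allowed` and `audit` helpers are assumptions made for illustration; `audit` lists rules that open every TCP port to a source and source groups that are not among those created in step 5.

```python
import ipaddress

# Ingress rules transcribed from the two tables above: (from_port, to_port, source).
# A source is either a CIDR block or the name of another security group.
# This layout is an assumption for illustration, not an AWS API structure.
RULES = {
    "sg-OracleServer": [
        (22, 22, "192.0.2.0/32"),        # SSH to access the VM
        (0, 65535, "sg-iPE"),            # traffic from members of sg-iPE
        (1521, 1521, "192.0.2.0/32"),    # Oracle listener, external machine
    ],
    "sg-iPETomcat": [
        (22, 22, "192.0.2.0/32"),        # SSH
        (0, 65535, "sg-OracleServer"),   # traffic from members of sg-OracleServer
        (8080, 8080, "192.0.2.0/32"),    # Tomcat / iProcess Workspace (Browser)
    ],
}


def is_allowed(group, port, src_ip=None, src_groups=()):
    """Return True if any ingress rule of `group` admits the connection.

    src_ip is the caller's address; src_groups are the security groups the
    calling instance belongs to. With no matching rule, traffic is denied.
    """
    for lo, hi, source in RULES[group]:
        if not lo <= port <= hi:
            continue
        if source.startswith("sg-"):
            if source in src_groups:
                return True
        elif src_ip and ipaddress.ip_address(src_ip) in ipaddress.ip_network(source):
            return True
    return False


def audit(group):
    """Return review findings for the ingress rules of `group`."""
    findings = []
    for lo, hi, source in RULES[group]:
        if source.startswith("sg-") and source not in RULES:
            findings.append(f"{source}: source group is not one created in step 5")
        if (lo, hi) == (0, 65535):
            findings.append(f"{source}: all TCP ports are open to this source")
        if not source.startswith("sg-") and ipaddress.ip_network(source).prefixlen == 0:
            findings.append(f"{source}: ports {lo}-{hi} are open to any address")
    return findings
```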

Note: Once you configure these security groups, your setup looks something like the following illustration.