diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
new file mode 100644
index 00000000000..3f16c180c92
--- /dev/null
+++ b/CONTRIBUTING.md
@@ -0,0 +1,68 @@
+# Contributing Guidelines
+
+*Pull requests, bug reports, and all other forms of contribution are welcomed and highly encouraged!*
+
+### Contents
+
+- [Code of Conduct](#code-of-conduct)
+- [Asking Questions](#bulb-asking-questions)
+- [Opening an Issue](#inbox_tray-opening-an-issue)
+- [Feature Requests](#love_letter-feature-requests)
+- [Triaging Issues](#mag-triaging-issues)
+- [Code Contributions](#code-contributions)
+- [Credits](#pray-credits)
+
+> **This guide serves to set clear expectations for everyone involved with the project so that we can improve it together while also creating a welcoming space for everyone to participate. Following these guidelines will help ensure a positive experience for contributors and maintainers.**
+
+## Code of Conduct
+
+Please review the Apache [Code of Conduct](https://www.apache.org/foundation/policies/conduct). It is in effect at all times. We expect it to be honored by everyone who contributes to this project. 
+
+## Asking Questions
+
+## Opening an Issue
+
+### Reporting Security Issues
+
+Review our Apache [Security Policy](https://www.apache.org/security/). **Do not** file a public issue for security vulnerabilities.
+
+### Bug Reports and Other Issues
+
+## Feature Requests
+
+1. Minor feature requests, such as adding a metric or configuration flag should be opened as an Issue.
+
+2. Major feature requests, such as replication, modernizing the boot process should be opened as an Issue tagged with 'propsoal'.
+
+## Triaging Issues
+
+## Code Contributions
+
+### Submitting Pull Requests
+
+1. Pull Requests that need review or discussion should be created as a 'Draft' with the 'WIP:' prefix in the title.
+
+### Writing Commit Messages
+
+### Pull Request Review
+
+### Coding Style
+
+### Certification of origin
+
+1. Apache ActiveMQ committers should sign all commits using an SSH key tied to their apache.org email address
+
+2. Outside contributors are encouraged to sign commits using SSH keys
+
+## Software Supply Chain  Security
+
+Apache ActiveMQ secures the software supply chain 
+
+1. Apache ActiveMQ committers sign every commit using an SSH key tied to their apache.org email address
+
+2. Apache ActiveMQ releases are monitored with reproducible builds to ensure published binaries match the source tree 
+
+## Credits
+
+Created by [@mattrpav](https://github.com/mattrpav). 
+