Home PC Games Linux Windows Database Network Programming Server Mobile  
  Home \ Linux \ RabbitMQ user roles and access control     - ORA-04091 and Compound Trigger (Oracle 11g) (Database)

- Automatic Clear date directory shell script (Linux)

- Let your PHP 7 faster the Hugepage (Linux)

- Protobuf compiled and used on the Ubuntu 14.04 (Programming)

- Sublime Text 3 using summary (Linux)

- Python format string (Programming)

- Linux security settings (Linux)

- Analytical Ceph: handle network layer (Server)

- SQLite3 simple operation (Database)

- Java concurrent programming using the synchronized keyword ReentrantLock alternative primitive (Programming)

- Windows 7 hard disk installation notes Debian (Linux)

- Python basis: os module on the file / directory using methods commonly used functions (Programming)

- redis configuration in detail (English) (Database)

- CentOS yum install LAMP (Server)

- How to Use Nmap security scanner tool on Linux (Linux)

- Linux6.1 / 6.5 dual-NIC Binding (Linux)

- Shell script to crawl through AWR SQL Report Problems (Database)

- Vi (Vim) keyboard map and its basic commands (Linux)

- Spark read more HBase tables a RDD (Server)

- MySQL migration tool used in the production environment (Database)

  RabbitMQ user roles and access control
  Add Date : 2016-04-26      
  User roles RabbitMQ Category:
none, management, policymaker, monitoring, administrator

RabbitMQ all kinds of role description:
You can not access the management plugin

Users can do anything AMQP plus:
A list of your signed by AMQP virtual hosts
View your virtual hosts in the queues, exchanges and bindings
View and close their channels and connections
See "global" statistical information on their own virtual hosts, including other user activity in these virtual hosts.

Anything management can do plus:
View, create, and delete their own policies and parameters of the virtual hosts belongs

Anything management can do plus:
List all virtual hosts, including virtual hosts that they can not log in
View other users' connections and channels
View node-level data such as clustering and memory usage
See the real statistics on the global to all virtual hosts

policymaker and monitoring can do anything plus:
Create and delete virtual hosts
View, create, and delete users
See Create and delete permissions
Close other user connections

Create users and set roles:
You can create an administrator user, responsible for the entire MQ operation and maintenance, for example:

$ Sudo rabbitmqctl add_user user_admin passwd_admin
Given its administrator roles:

$ Sudo rabbitmqctl set_user_tags user_admin administrator

RabbitMQ can be created to monitor user, responsible for the entire MQ monitoring, for example:

$ Sudo rabbitmqctl add_user user_monitoring passwd_monitor
Given its monitoring role:

$ Sudo rabbitmqctl set_user_tags user_monitoring monitoring
You can create a dedicated user of a project, the project can only access their own virtual hosts

$ Sudo rabbitmqctl add_user user_proj passwd_proj
Given its monitoring role:

$ Sudo rabbitmqctl set_user_tags user_proj management
Create and assign roles after the completion of review and confirm:

$ Sudo rabbitmqctl list_users
#RabbitMQ Access control:
The default virtual host: "/"
Default User: guest
guest, with full privileges "/" on localhost only have access RabbitMQ include Plugin, it proposed to delete or change your password. Abolition of restrictions can be accessed by their local profile loopback_users set hole:
[{Rabbit, [{loopback_users, []}]}]

Users can access their virtual hosts only the resources to operate. Resources here refers to the virtual hosts in the exchanges, queues, etc., operations including resource configuration, writing, reading. Configuration rights can create, delete, and modify the behavior of resources resources write permissions can send messages to the resource, read access to get messages from resources. such as:
exchange and declare the queue and delete permissions are required to configure and queue on the exchange
exchange of bind and unbind need read and write permissions of exchange
The queue bind and unbind need write access to exchange queue read access
Write permission message (publish) the need to exchange
Read permission to get or clear (get, consume, purge) queue of messages required

What has the configuration of resources, write and read access via regular expressions to match the specific command as follows:
set_permissions [-p < vhostpath >] < user > < conf > < write > < read >
Where, < conf > < write > < read > positions were using regular expressions to match specific resources, such as '^ (amq \ .gen * |. Amq \ .default) $' can match the server and generate a default exchange, '^ $' does not match any resources

Note that RabbitMQ caches permissions for each connection or channel verification result, and therefore change permissions after the occurrence of the need to reconnect to take effect.

Empowering the user:

$ Sudo rabbitmqctl set_permissions -p / vhost1 user_admin '. *' '. *' '. *'
This command allows the user to configure all resources have user_admin / vhost1 this virtual host, the write and read permission to manage its resources

View permissions:

$ Sudo rabbitmqctl list_user_permissions user_admin
Listing permissions for user "user_admin" ...
/ Vhost1. *. *. *
$ Sudo rabbitmqctl list_permissions -p / vhost1
Listing permissions in vhost "/ vhost1" ...
user_admin. *. *. *
- CentOS install Memcached (Server)
- To create a secure network firewall with iptables Under Linux (Linux)
- Linux using DenyHosts prevents ssh cracks (Linux)
- To batch create users under Linux (Linux)
- grep regular expression (Linux)
- Ora-00020: maximum number of processes (500) exceeded (Database)
- How to install and use the Snort in Ubuntu 15.04 (Linux)
- Ubuntu users to install Gnome-Pie 0.6.5 (Linux)
- To disable the function by pressing Ctrl-Alt-Del to restart the system in RHEL / CentOS 5/6 (Linux)
- Linux C programming and Shell Programming in the development of practical tools similarities summary (Programming)
- OpenSUSE 13.1 OpenSUSE 12.3 and how to install Cinnamon 2.2 Desktop (Linux)
- JavaScript function part (Programming)
- Modifying the system registry protection server security (Linux)
- Java object initialization (Programming)
- Java programmers talk about those advanced knowledge and direction (Programming)
- Oracle Listener can not start (TNS-12555, TNS-12560, TNS-00525) (Database)
- SSH automatic disconnection problem solving (Linux)
- stat Usage: Get permission to file the corresponding figures (Linux)
- Linux centralized log server rsyslog (Server)
- Puppet subcommands Introduction (Server)
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.