Home PC Games Linux Windows Database Network Programming Server Mobile  
           
  Home \ Linux \ RabbitMQ user roles and access control     - The Linux kernel and AVL tree in red-black tree (Programming)

- vnStatSVG: traffic monitoring software vnStat (Linux)

- Simple to use Linux GPG (Linux)

- Linux System Getting Started Tutorial: Linux file permissions brief description (Linux)

- Download Manager uGet 2.0 installed in Debian, Ubuntu, Linux Mint and Fedora (Linux)

- How to configure chroot environment in Ubuntu 14.04 (Linux)

- Linux raw socket (Programming)

- Give your photos Instagram style filters plus program in ubuntu (Linux)

- Protection Docker container Notice (Server)

- A simple shell script for monitoring in Linux (Linux)

- RHEL7 unattended automatic installation DHCP + TFTP + SYSLINUX + TFTP + Kickstart (Linux)

- Java gets the current system time System.currentTimeMillis () (Programming)

- Orionode source Linux Mint installation (Linux)

- Git uses a standard process (Linux)

- Install Apache streaming media services on CentOS 6.4 (Server)

- Ubuntu configuration SVN and http mode access (Server)

- CUDA (including GPU card driver) installation process under Ubuntu (Linux)

- Ubuntu Linux installation GAMIT10.6 (Linux)

- Ubuntu: HDF5 error: HDF5 header version does not match with the HDF5 library (Linux)

- Ubuntu treated with cue file to ape and wav files automatically track points (Linux)

 
         
  RabbitMQ user roles and access control
     
  Add Date : 2016-04-26      
         
         
         
  User roles RabbitMQ Category:
none, management, policymaker, monitoring, administrator

RabbitMQ all kinds of role description:
none
You can not access the management plugin

management
Users can do anything AMQP plus:
A list of your signed by AMQP virtual hosts
View your virtual hosts in the queues, exchanges and bindings
View and close their channels and connections
See "global" statistical information on their own virtual hosts, including other user activity in these virtual hosts.

policymaker
Anything management can do plus:
View, create, and delete their own policies and parameters of the virtual hosts belongs

monitoring
Anything management can do plus:
List all virtual hosts, including virtual hosts that they can not log in
View other users' connections and channels
View node-level data such as clustering and memory usage
See the real statistics on the global to all virtual hosts

administrator
policymaker and monitoring can do anything plus:
Create and delete virtual hosts
View, create, and delete users
See Create and delete permissions
Close other user connections

Create users and set roles:
You can create an administrator user, responsible for the entire MQ operation and maintenance, for example:

$ Sudo rabbitmqctl add_user user_admin passwd_admin
Given its administrator roles:

$ Sudo rabbitmqctl set_user_tags user_admin administrator

RabbitMQ can be created to monitor user, responsible for the entire MQ monitoring, for example:

$ Sudo rabbitmqctl add_user user_monitoring passwd_monitor
Given its monitoring role:

$ Sudo rabbitmqctl set_user_tags user_monitoring monitoring
You can create a dedicated user of a project, the project can only access their own virtual hosts

$ Sudo rabbitmqctl add_user user_proj passwd_proj
Given its monitoring role:

$ Sudo rabbitmqctl set_user_tags user_proj management
Create and assign roles after the completion of review and confirm:

$ Sudo rabbitmqctl list_users
########################
#RabbitMQ Access control:
########################
The default virtual host: "/"
Default User: guest
guest, with full privileges "/" on localhost only have access RabbitMQ include Plugin, it proposed to delete or change your password. Abolition of restrictions can be accessed by their local profile loopback_users set hole:
[{Rabbit, [{loopback_users, []}]}]

Users can access their virtual hosts only the resources to operate. Resources here refers to the virtual hosts in the exchanges, queues, etc., operations including resource configuration, writing, reading. Configuration rights can create, delete, and modify the behavior of resources resources write permissions can send messages to the resource, read access to get messages from resources. such as:
exchange and declare the queue and delete permissions are required to configure and queue on the exchange
exchange of bind and unbind need read and write permissions of exchange
The queue bind and unbind need write access to exchange queue read access
Write permission message (publish) the need to exchange
Read permission to get or clear (get, consume, purge) queue of messages required

What has the configuration of resources, write and read access via regular expressions to match the specific command as follows:
set_permissions [-p < vhostpath >] < user > < conf > < write > < read >
Where, < conf > < write > < read > positions were using regular expressions to match specific resources, such as '^ (amq \ .gen * |. Amq \ .default) $' can match the server and generate a default exchange, '^ $' does not match any resources

Note that RabbitMQ caches permissions for each connection or channel verification result, and therefore change permissions after the occurrence of the need to reconnect to take effect.

Empowering the user:

$ Sudo rabbitmqctl set_permissions -p / vhost1 user_admin '. *' '. *' '. *'
This command allows the user to configure all resources have user_admin / vhost1 this virtual host, the write and read permission to manage its resources


View permissions:

$ Sudo rabbitmqctl list_user_permissions user_admin
Listing permissions for user "user_admin" ...
/ Vhost1. *. *. *
  
$ Sudo rabbitmqctl list_permissions -p / vhost1
Listing permissions in vhost "/ vhost1" ...
user_admin. *. *. *
     
         
         
         
  More:      
 
- Two alert log ORA Errors (Database)
- Comparison of Nginx and Nginx + (Server)
- Use of the storage-level replication technology will quickly clone a ASM database to the target environment (Database)
- Compile and install Ubuntu Linux 4.0.5 kernel, network and fix vmware kernel module compilation error (Linux)
- Oracle 11g modify MEMORY_TARGET (Database)
- Open source backup software installed on Ubuntu Systemback 1.6.201 (Linux)
- CentOS6.5 install SVN & visual management tools iF.SVNAdmin (Server)
- MySQL binary packages install for RedHat Linux Enterprise 6.4 (Database)
- VirtualBox virtual machine to install Linux (Linux)
- KVM add virtual disks (Linux)
- Preps - Print within the specified range of IP addresses (Linux)
- Normal start Lazarus 1.0.8 under Ubuntu (Linux)
- RMAN backup file is much larger than the size of the database Cause Analysis (Database)
- Linux iptables: basic principles and rules (Linux)
- To set up the printer use Nagios Monitoring Server (Server)
- curl Usage: Being the first site header and status codes (Server)
- Install the latest ATI / Nvidia graphics driver on Ubuntu (Linux)
- To delete the directory and all specified files under the Mac (Linux)
- There are three ways to run a Linux operating system from a USB stick (Linux)
- Parts of the partition is not recognized after Debian mount mobile hard disk (Linux)
     
           
     
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.