community.rabbitmq.rabbitmq_user – Manage RabbitMQ users

Note

This plugin is part of the community.rabbitmq collection.

To install it use: ansible-galaxy collection install community.rabbitmq.

To use it in a playbook, specify: community.rabbitmq.rabbitmq_user.

Synopsis

  • Add or remove users to RabbitMQ and assign permissions

Parameters

Parameter Choices/Defaults Comments
configure_priv
string
Default:
"^$"
Regular expression to restrict configure actions on a resource for the specified vhost.
By default all actions are restricted.
This option will be ignored when permissions option is used.
force
boolean
    Choices:
  • no ←
  • yes
Deletes and recreates the user.
node
string
Default:
"rabbit"
erlang node name of the rabbit we wish to configure
password
string
Password of user to add.
To change the password of an existing user, you must also specify update_password=always.
permissions
list / elements=dictionary
Default:
[]
a list of dicts, each dict contains vhost, configure_priv, write_priv, and read_priv, and represents a permission rule for that vhost.
This option should be preferable when you care about all permissions of the user.
You should use vhost, configure_priv, write_priv, and read_priv options instead if you care about permissions for just some vhosts.
read_priv
string
Default:
"^$"
Regular expression to restrict configure actions on a resource for the specified vhost.
By default all actions are restricted.
This option will be ignored when permissions option is used.
state
string
    Choices:
  • present ←
  • absent
Specify if user is to be added or removed
tags
string
User tags specified as comma delimited
update_password
string
    Choices:
  • on_create ←
  • always
on_create will only set the password for newly created users. always will update passwords if they differ.
user
string / required
Name of user to add

aliases: username, name
vhost
string
Default:
"/"
vhost to apply access privileges.
This option will be ignored when permissions option is used.
write_priv
string
Default:
"^$"
Regular expression to restrict configure actions on a resource for the specified vhost.
By default all actions are restricted.
This option will be ignored when permissions option is used.

Examples

# Add user to server and assign full access control on / vhost.
# The user might have permission rules for other vhost but you don't care.
- community.rabbitmq.rabbitmq_user:
    user: joe
    password: changeme
    vhost: /
    configure_priv: .*
    read_priv: .*
    write_priv: .*
    state: present

# Add user to server and assign full access control on / vhost.
# The user doesn't have permission rules for other vhosts
- community.rabbitmq.rabbitmq_user:
    user: joe
    password: changeme
    permissions:
      - vhost: /
        configure_priv: .*
        read_priv: .*
        write_priv: .*
    state: present

Authors

  • Chris Hoffman (@chrishoffman)