community.rabbitmq.rabbitmq_user – Manage RabbitMQ users

Note

This plugin is part of the community.rabbitmq collection (version 1.1.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.rabbitmq.

To use it in a playbook, specify: community.rabbitmq.rabbitmq_user.

Synopsis

  • Add or remove users to RabbitMQ and assign permissions

Parameters

Parameter Choices/Defaults Comments
configure_priv
string
Default:
"^$"
Regular expression to restrict configure actions on a resource for the specified vhost.
By default all actions are restricted.
This option will be ignored when permissions option is used.
force
boolean
    Choices:
  • no ←
  • yes
Deletes and recreates the user.
node
string
Default:
"rabbit"
erlang node name of the rabbit we wish to configure
password
string
Password of user to add.
To change the password of an existing user, you must also specify update_password=always.
permissions
list / elements=dictionary
Default:
[]
a list of dicts, each dict contains vhost, configure_priv, write_priv, and read_priv, and represents a permission rule for that vhost.
This option should be preferable when you care about all permissions of the user.
You should use vhost, configure_priv, write_priv, and read_priv options instead if you care about permissions for just some vhosts.
read_priv
string
Default:
"^$"
Regular expression to restrict configure actions on a resource for the specified vhost.
By default all actions are restricted.
This option will be ignored when permissions option is used.
state
string
    Choices:
  • present ←
  • absent
Specify if user is to be added or removed
tags
string
User tags specified as comma delimited
update_password
string
    Choices:
  • on_create ←
  • always
on_create will only set the password for newly created users. always will update passwords if they differ.
user
string / required
Name of user to add

aliases: username, name
vhost
string
Default:
"/"
vhost to apply access privileges.
This option will be ignored when permissions option is used.
write_priv
string
Default:
"^$"
Regular expression to restrict configure actions on a resource for the specified vhost.
By default all actions are restricted.
This option will be ignored when permissions option is used.

Examples

# Add user to server and assign full access control on / vhost.
# The user might have permission rules for other vhost but you don't care.
- community.rabbitmq.rabbitmq_user:
    user: joe
    password: changeme
    vhost: /
    configure_priv: .*
    read_priv: .*
    write_priv: .*
    state: present

# Add user to server and assign full access control on / vhost.
# The user doesn't have permission rules for other vhosts
- community.rabbitmq.rabbitmq_user:
    user: joe
    password: changeme
    permissions:
      - vhost: /
        configure_priv: .*
        read_priv: .*
        write_priv: .*
    state: present

Authors

  • Chris Hoffman (@chrishoffman)