Compose RabbitMQ deployments use RabbitMQ's built-in access control.
When you provision a new deployment you are automatically given an admin user to access and manage RabbitMQ.
Since Compose deployments come with the RabbitMQ Management Plugin enabled, users' access is also controlled by user tags. These tags control what information is available to users through the management UI,
rabbitmqadmin, and the RabbitMQ HTTP API.
The admin user
Every RabbitMQ deployment comes with an admin user. This admin user had full administrative privileges on your RabbitMQ deployment.
The biggest difference between the admin user and any other users you add to your deployment is the ability to provision new vhosts and manage all other users' permissions and access.
It is the only user that is initially granted access to all the settings and configuration that is found in the Admin tab in the management UI.
The guest user
The guest user is also automatically provisioned on your RabbitMQ, however, it's password is unset. It is not able to log into or use RabbitMQ. You can log into RabbitMQ with your admin user to manage it's password, permissions, tags, or even delete it entirely.
The admin user can create other users directly in RabbitMQ. The RabbitMQ Management Plugin UI has a tab for user creation and management.
You can create and assign tags to users however you want. Users that are created directly in RabbitMQ like this are not mapped or connected to your Compose account in any way, and can only be used to connect directly to RabbitMQ.
Still Need Help?
If this article didn't solve things, summon a human and get some help!
Updated about 3 years ago