英文:
Non-administrative user rights in RabbitMQ
问题
我有点困惑这个表格,我需要创建一个具有创建和管理队列权限的用户,但我无法确定需要设置哪些权限。
我不想使用像这样的规则:
rabbitmqctl set_permissions -p "custom-vhost" "username" ".*" ".*" ".*"
我需要设置哪些权限,以便用户不是管理员,但同时可以创建和管理队列?
英文:
I'm a little confused by this table, I need to create a user with rights to create and manage queues, but I can't figure out what rights I need to set
I don't want to use a rule like:
rabbitmqctl set_permissions -p "custom-vhost" "username" ". *" ".*" ".*"
What rights do I need to set the user so that he is not an administrator, but at the same time can create and manage queues?
答案1
得分: 0
在RabbitMQ中,“Administrator”概念仅存在于管理插件(HTTP API),您可以通过HTTP网站或rabbitmqadmin使用它:
管理界面需要进行身份验证和授权,类似于RabbitMQ要求连接的客户端进行身份验证。除了成功的身份验证之外,管理界面访问还受用户标签的控制。这些标签是使用rabbitmqctl进行管理的。新创建的用户默认没有任何标签。
有关标签的描述,请参阅链接。
因此,如果您使用rabbitmqctl set_permissions -p "custom-vhost" "username" ".*" ".*" ".*"为用户授予权限,它将不会成为“管理员”,因为它不会被标记为管理员。它只会具有创建任何队列和交换以及从/到它们的任何队列读取/写入消息的权限。
英文:
In RabbitMQ, the concept of "Administrator" only exists in the management plugin (the HTTP API, which you can use through the HTTP website or rabbitmqadmin):
> The management UI requires authentication and authorisation, much like RabbitMQ requires it from connecting clients. In addition to successful authentication, management UI access is controlled by user tags. The tags are managed using rabbitmqctl. Newly created users do not have any tags set on them by default.
See the link for the description of the tags.
As such, if you give permissions to an user with rabbitmqctl set_permissions -p "custom-vhost" "username" ". *" ".*" ".*", it won't be an "administrator", since it won't be tagged as such. It will just have perissions to create any queue and exchange, and to read/write message from/to any of them.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论