[rabbitmq-discuss] Group/tag based access control

• Previous message: [rabbitmq-discuss] 2.8.0 bug in the mgmt interface
• Next message: [rabbitmq-discuss] RabbitMQ and Erlang --enable-native-libs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

AFAIK, RabbitMQ's access control is user based. This can be cumbersome to
configure if you allow many different users as this requires many similar
permissions quintuples. It would be really nice to allow group based access
control, i.e. permissions applying to multiple users.

It seems that RabbitMQ has most of it already since it knows about user
tags. So what about extending the use of tags so that they can be used for
access control. I think that arbitrary tag names are already allowed so the
only missing thing is allowing permissions with tags.  Something like:

$ rabbitmqctl set_permissions -p /myvhost tag:foo "^bar-.*" ".*" ".*"

that would match any user with the tag "foo".

Cheers,

Lionel

• Previous message: [rabbitmq-discuss] 2.8.0 bug in the mgmt interface
• Next message: [rabbitmq-discuss] RabbitMQ and Erlang --enable-native-libs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]