Help Center/ Distributed Message Service for RabbitMQ/ User Guide/ Accessing a RabbitMQ Instance/ Configuring RabbitMQ Access Control/ Configuring RabbitMQ ACL Users
Updated on 2025-07-14 GMT+08:00
View PDF
Share

Configuring RabbitMQ ACL Users

When ACL is enabled for a RabbitMQ instance, message production and consumption require authentication.

This section describes how to create, edit, and delete a user.

Notes and Constraints

  • Deleting a user will remove its authorization relationship and disconnect it from the instance.
  • Available on the console only for RabbitMQ AMQP-0-9-1. By default, you can create users on the management UI, and assign permissions for RabbitMQ 3.x.x instances.

Prerequisites

  • A RabbitMQ AMQP-0-9-1 instance has been purchased.
  • ACL has been enabled.

Creating a User

  1. Log in to the RabbitMQ console.
  2. Click in the upper left corner to select the region where your instance is located.
  3. Click an instance name to go to the instance details page.
  4. In the navigation pane, choose Users.
  5. Click Create User.
  6. Configure the user's name and other parameters by referring to Table 1.

    Table 1 User parameters

    Parameter

    Description

    Username

    You can customize a username that complies with the rules: 7–64 characters; starts with a letter; can contain only letters, digits, hyphens (-), and underscores (_).

    The name cannot be changed after the user is created.

    Password

    Password of the user.

    A password must meet the following requirements:

    • Contains 8 to 32 characters.
    • Contains at least three types of the following characters: uppercase letters, lowercase letters, digits, and special characters `~! @#$ %^&*()-_=+\|[{}];:'",<.>? and spaces, and cannot start with a hyphen (-).
    • Cannot be the username spelled forwards or backwards.

    Confirm Password

    Enter the password again.

    Vhost
    • Accessible Virtual Host: Select a virtual host from the drop-down list box.
    • Assignable Resource: Use regular expressions to grant user permissions for virtual host resources. For example, ^test-.* grants the user permissions for all the resources whose names start with test-.
    • Writable Resource: Use regular expressions to grant user write permissions for virtual host resources. For example, .*, grants user write permissions for all virtual host resources.
    • Readable Resource: Use regular expressions to grant user read permissions for virtual host resources. For example, .* grants user read permissions for all virtual host resources.

    Click Add to add virtual hosts as required.
    Figure 1 Creating a User

  7. Click OK.

    View the new user on the user list page.

  8. After ACL is enabled, user authentication information (username and password) must be added to both the producer and consumer configurations. For details, see the following instructions:

Modifying User Information

  1. Log in to the RabbitMQ console.
  2. Click in the upper left corner to select the region where your instance is located.
  3. Click an instance name to go to the instance details page.
  4. In the navigation pane, choose Users.
  5. In the row containing the desired user, click Edit.
  6. To edit the password, click Edit next to Password and enter a new password. To edit the virtual host:

    Table 2 Parameters for editing a virtual host

    Parameter

    How to Edit

    Accessible Virtual Host

    Select a virtual host from the drop-down list box.

    Assignable Resource

    Use regular expressions to grant user permissions for virtual host resources. For example, ^test-.* grants the user permissions for all the resources whose names start with test-.

    Writable Resource

    Use regular expressions to grant user write permissions for virtual host resources. For example, .*, grants user write permissions for all virtual host resources.

    Readable Resource

    Use regular expressions to grant user read permissions for virtual host resources. For example, .* grants user read permissions for all virtual host resources.

  7. Click OK.

Deleting a User

  1. Log in to the RabbitMQ console.
  2. Click in the upper left corner to select the region where your instance is located.
  3. Click an instance name to go to the instance details page.
  4. In the navigation pane, choose Users.
  5. In the row containing the user to be deleted, click Delete.

    Deleting a user will remove its authorization relationship and disconnect it from the instance.

  6. Click OK.

    The user is deleted when it is removed from the user list.

Related Documents

Parent Topic: Configuring RabbitMQ Access Control