Open
Description
SUMMARY
Currently, the topic_permissions list of dicts in rabbitmq_user works like the permissions list of dicts: all the permissions must be defined, for all vhosts.
ISSUE TYPE
- Feature Idea
COMPONENT NAME
rabbitmq_user
ADDITIONAL INFORMATION
It would be very practical if we could define the topic_permissions for a particular vhost without touching those defined in other vhosts. At the moment, using topic_permissions with the non-bulk options (vhost, read_priv, write_priv) is confusing because the latter option only apply to the specified vhost, while topic_permissions apply to all vhosts.
- name: access in /vhost1
rabbitmq_user:
user: "username"
vhost: /vhost1
configure_priv: .*
read_priv: .*
write_priv: .*
topic_permissions:
- vhost: /vhost1
read_priv: .*
write_priv: "^(amq\\.topic)|({username}.*)$"
# This will clear the previously defined topic permissions in /vhost1, although it should only apply to /vhost2
- name: access in /vhost2
rabbitmq_user:
user: "username"
vhost: /vhost2
configure_priv: .*
read_priv: .*
write_priv: .*
Metadata
Metadata
Assignees
Labels
No labels