Replies: 1 comment 12 replies
-
Topic permissions will not help restrict access to other queues. That's what regular permissions are for. An MQTT consumer will need |
Beta Was this translation helpful? Give feedback.
12 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Problem
I'm trying to restrict some users on my RabbitMQ, namely ones that connect via MQTT.
From what I understand from the docs,
the user (subscriber and publisher) needs permissions on the relevant vHost to:
If I want to restrict the topics the user can listen to, I have to configure that accordingly as well.
Example Setup
mqtt-host
and the defaultamq.topic
exchangeclient-id = foobar
looking to:client/foobar/commands/#
client/fazbat/events/#
client/foobar/events/status
Attempt
Of course, everything works when user
foobar
has all permissions (.* , .* , .*
) on vHostmqtt-host
and there are no topic permissions in place.The following user restrictions all lead to the subscription being denied:
Specifying just
client
in the topic permission works...:... however, trying to specify any more than that leads to the request being denied again:
How would I correctly set up the permissions so that each user/client in my system can only do what they need to and not, for example, mess with the queues of other clients?
Beta Was this translation helpful? Give feedback.
All reactions