Skip to content

sapcc/rabbitmq-user-credential-updater

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

215 Commits
.github
.github
 
 
updater
updater
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

default-user-credential-updater

This is a program that watches a directory containing RabbitMQ user credential files (with prefix user_). If any credential file changes, it updates the corresponding user's password in RabbitMQ.

It is meant to be deployed as a sidecar container, when several non-default users credentials need to be rotated.

The use case is as-follows:

  1. User passwords change in Vault server.
  2. Vault agent sidecar places new credentials into files with pattern user_<name>_<field> in the watched directory.
  3. This sidecar (default-user-credential-updater) updates the passwords RabbitMQ server side by doing HTTP PUT requests against the RabbitMQ Management API. This allows for password rotation without the need to restart RabbitMQ server.
  4. For admin user updates, this sidecar also copies new credentials to /var/lib/rabbitmq/.rabbitmqadmin.conf to be used by rabbitmqadmin CLI.

About

Updates RabbitMQ default user password

Resources

Readme

License

MPL-2.0 license
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

9 tags

Packages

No packages published

Languages

  • Go 98.2%
  • Dockerfile 1.8%