Skip to content

rabbitmq/default-user-credential-updater

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

168 Commits
.github
.github
 
 
updater
updater
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

default-user-credential-updater

This is a program that watches a RabbitMQ config file containing default_user and default_pass for changes. If the file changes, it updates the password in RabbitMQ.

It is meant to be deployed as a sidecar container by https://github.com/rabbitmq/cluster-operator when HashiCorp Vault is enabled.

The use case is as-follows:

  1. Default user password changes in Vault server.
  2. Vault agent sidecar places new password into /etc/rabbitmq/conf.d/11-default_user.conf.
  3. This sidecar (default-user-credential-updater) updates the password RabbitMQ server side by doing an HTTP PUT against the RabbitMQ Management API. This allows for default user password rotation without the need to restart RabbitMQ server.
  4. This sidecar copies new password to /var/lib/rabbitmq/.rabbitmqadmin.conf to be used by rabbitmqadmin CLI.

See vault-default-user for an end-to-end example.

About

Updates RabbitMQ default user password

Resources

Readme

License

MPL-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

8 watching

Forks

2 forks
Report repository

Releases 5

1.0.4 Latest
Oct 9, 2023
+ 4 releases

Packages

No packages published

Contributors 5

Languages