rabbitmqctl add_user: Create Test Users
rabbitmqctl add_user <user> <pass> creates a RabbitMQ user; set_permissions and set_user_tags then grant it access, which the default guest user lacks remotely.
The built-in guest user can only connect from localhost, so multi-container CI usually needs a real user. add_user plus set_permissions creates one your app and tests can authenticate with.
What it does
rabbitmqctl add_user creates a user with a password. set_permissions grants configure, write, and read regexes on a vhost. set_user_tags assigns tags such as administrator for management access. Together they replace the localhost-only guest account.
Common usage
rabbitmqctl add_user appuser apppass
rabbitmqctl set_permissions -p / appuser ".*" ".*" ".*"
rabbitmqctl set_user_tags appuser administrator
# run inside the broker container in CI
docker exec rabbitmq rabbitmqctl add_user appuser apppassOptions
| Command | What it does |
|---|---|
| add_user <user> <pass> | Create a user |
| set_permissions -p <vhost> <user> <c> <w> <r> | Grant configure/write/read regexes |
| set_user_tags <user> <tag> | Assign tags such as administrator |
| delete_user <user> | Remove a user |
| change_password <user> <pass> | Change a password |
In CI
The three permission arguments are configure, write, and read regexes; ".*" ".*" ".*" grants full access on the vhost, fine for a throwaway test broker. You can also provision users declaratively with RABBITMQ_DEFAULT_USER and RABBITMQ_DEFAULT_PASS env vars on the official image instead of running add_user.
Common errors in CI
Your app connecting as guest from another container gets "ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN" because guest is localhost-only; create a real user. Forgetting set_permissions means the user authenticates but then hits "access to vhost '/' refused". "user_already_exists" means add_user ran twice; use change_password or ignore it.