Skip to content
Latchkey

rabbitmqctl add_user: Create Test Users

rabbitmqctl add_user <user> <pass> creates a RabbitMQ user; set_permissions and set_user_tags then grant it access, which the default guest user lacks remotely.

The built-in guest user can only connect from localhost, so multi-container CI usually needs a real user. add_user plus set_permissions creates one your app and tests can authenticate with.

What it does

rabbitmqctl add_user creates a user with a password. set_permissions grants configure, write, and read regexes on a vhost. set_user_tags assigns tags such as administrator for management access. Together they replace the localhost-only guest account.

Common usage

Terminal
rabbitmqctl add_user appuser apppass
rabbitmqctl set_permissions -p / appuser ".*" ".*" ".*"
rabbitmqctl set_user_tags appuser administrator
# run inside the broker container in CI
docker exec rabbitmq rabbitmqctl add_user appuser apppass

Options

CommandWhat it does
add_user <user> <pass>Create a user
set_permissions -p <vhost> <user> <c> <w> <r>Grant configure/write/read regexes
set_user_tags <user> <tag>Assign tags such as administrator
delete_user <user>Remove a user
change_password <user> <pass>Change a password

In CI

The three permission arguments are configure, write, and read regexes; ".*" ".*" ".*" grants full access on the vhost, fine for a throwaway test broker. You can also provision users declaratively with RABBITMQ_DEFAULT_USER and RABBITMQ_DEFAULT_PASS env vars on the official image instead of running add_user.

Common errors in CI

Your app connecting as guest from another container gets "ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN" because guest is localhost-only; create a real user. Forgetting set_permissions means the user authenticates but then hits "access to vhost '/' refused". "user_already_exists" means add_user ran twice; use change_password or ignore it.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →