From a9c97618a17761c1cf3e6c9b2ec54600517b9a2e Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Mon, 23 Sep 2019 17:26:19 +0000 Subject: [PATCH] rabbitmq_cluster: Switch how permissions are done and give admin all perms The way we were granting perms to admin was just on existing vhost/queues. Instead we should just give admin full privs to any queues/vhosts that might exist now or later. Signed-off-by: Kevin Fenzi --- roles/rabbitmq_cluster/tasks/main.yml | 36 ++++++++------------------- 1 file changed, 10 insertions(+), 26 deletions(-) diff --git a/roles/rabbitmq_cluster/tasks/main.yml b/roles/rabbitmq_cluster/tasks/main.yml index 6e191f870e..1b278f85e2 100644 --- a/roles/rabbitmq_cluster/tasks/main.yml +++ b/roles/rabbitmq_cluster/tasks/main.yml @@ -228,19 +228,11 @@ rabbitmq_user: user: admin password: "{{ rabbitmq_admin_password_staging }}" - permissions: - - vhost: / - configure_priv: .* - read_priv: .* - write_priv: .* - - vhost: /pubsub - configure_priv: .* - read_priv: .* - write_priv: .* - - vhost: /public_pubsub - configure_priv: .* - read_priv: .* - write_priv: .* + vhost: / + configure_priv: .* + read_priv: .* + write_priv: .* + state: present tags: management when: env == "staging" and inventory_hostname.startswith('rabbitmq01') tags: @@ -251,19 +243,11 @@ rabbitmq_user: user: admin password: "{{ rabbitmq_admin_password_production }}" - permissions: - - vhost: / - configure_priv: .* - read_priv: .* - write_priv: .* - - vhost: /pubsub - configure_priv: .* - read_priv: .* - write_priv: .* - - vhost: /public_pubsub - configure_priv: .* - read_priv: .* - write_priv: .* + vhost: / + configure_priv: .* + read_priv: .* + write_priv: .* + state: present tags: management when: env == "production" and inventory_hostname.startswith('rabbitmq01') tags: