AWS::AmazonMQ::Broker User - AWS CloudFormation

AWS::AmazonMQ::Broker User

The list of broker users (persons or applications) who can access queues and topics. For Amazon MQ for RabbitMQ brokers, one and only one administrative user is accepted and created when a broker is first provisioned. All subsequent broker users are created via the RabbitMQ web console or by using the RabbitMQ management API.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "ConsoleAccess" : Boolean, "Groups" : [ String, ... ], "Password" : String, "ReplicationUser" : Boolean, "Username" : String }

YAML

ConsoleAccess: Boolean Groups: - String Password: String ReplicationUser: Boolean Username: String

Properties

ConsoleAccess

Enables access to the ActiveMQ web console for the ActiveMQ user. Does not apply to RabbitMQ brokers.

Required: No

Type: Boolean

Update requires: No interruption

Groups

The list of groups (20 maximum) to which the ActiveMQ user belongs. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long. Does not apply to RabbitMQ brokers.

Required: No

Type: Array of String

Update requires: No interruption

Password

The password of the user. This value must be at least 12 characters long, must contain at least 4 unique characters, and must not contain commas, colons, or equal signs (,:=).

Required: Yes

Type: String

Update requires: No interruption

ReplicationUser

Defines if this user is intended for CRDR replication purposes.

Required: No

Type: Boolean

Update requires: No interruption

Username

The username of the broker user. For Amazon MQ for ActiveMQ brokers, this value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). For Amazon MQ for RabbitMQ brokers, this value can contain only alphanumeric characters, dashes, periods, underscores (- . _). This value must not contain a tilde (~) character. Amazon MQ prohibts using guest as a valid usename. This value must be 2-100 characters long.

Important

Do not add personally identifiable information (PII) or other confidential or sensitive information in broker usernames. Broker usernames are accessible to other AWS services, including CloudWatch Logs. Broker usernames are not intended to be used for private or sensitive data.

Required: Yes

Type: String

Update requires: No interruption