Amazon MQ
Developer Guide

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.

Messaging Authentication and Authorization for ActiveMQ

You can access your brokers using the following protocols with TLS enabled:

Amazon MQ uses native ActiveMQ authentication to manage user permissions. For information about restrictions related to ActiveMQ usernames and passwords, see Limits Related to Users.

To authorize ActiveMQ users and groups to works with queues and topics, you must edit your broker's configuration. Amazon MQ uses ActiveMQ's Simple Authentication Plugin to restrict reading and writing to destinations. For more information and examples, see Always Configure an Authorization Map and authorizationEntry.


Currently, Amazon MQ doesn't support Client Certificate Authentication or plugins for Java Authentication and Authorization Service (JAAS).