Vault RabbitMQ Secret Engine and user creation

Hello, I am trying to experiment with RabbitMQ Secret Engine.
One thing I have noticed is that when creating secrets it add a suffix with the identity of the token that made the call. More over only automatic username generation is supported. Only GET method is allowed, and all: API, Curl, vault client fails with payload.

My question is, is there a way to create a user with a define username and password instead of the auto-generated ones?


Sorry for late reply, I’ve been busy the last few months :slight_smile:

We do something similar at my company, but not with the Rabbit Secret Engine. We store our user/pass in vault, and then have a sidecar create/update/delete based on changes to vault users. We have Consul as our backend and have Vault store it in a KV version 1 backend. That lets us use consul watch to monitor for changes, and we can apply the updates instantly. I don’t think I can share the code, as it is mixed in with a lot of my companies proprietary code :frowning:

The pattern works well though, because even when the sidecar goes down, it will pick right back up where it left off with a diff of the previous consul watch json.