AMQP Users

Introduction

There are four AMQP access points available to device drivers and support services:

ase.exchange.api (fanout)
Exchange to publish API request, a callback queue needs to be created to subscribe to for the response
ase.exchange.telemetry (headers)
Exchange to publish telemetry data, or to bind a queue for subscribing to telemetry data
ase.exchange.driver (headers)
Exchange to bind a custom queue to and subscribe to process incoming messages
ase.exchange.core (headers)
Exchange to publish specific messages to core services

The following four users are created on the RabbitMQ broker with specific permissions. The parameters below are taken directly from the Go code, but should be easy to understand. For details on RabbitMQ authorisation see "Authorisation: How Permissions Work" section of the RabbitMQ documentation.

API

username := os.Getenv("ASE_CORE_API_USER")
password := os.Getenv("ASE_CORE_API_PASSWORD")
vhost := "/"
configureRegexp := `^ase\.callback\.api\.`
writeRegexp := `^ase\.exchange\.api$`
readRegexp := `^ase\.callback\.api\.`

Using the default parameters, the username is "api-user" and the password is autogenerated (if left blank in the configuration). The password is stored in a kubernetes secret.

This user is allowed to
  • Create queues with the "ase.callback.api." prefix
  • Consumer messages from these "ase.callback.api." prefixed queues
  • Publish to the "ase.exchange.api" exchange

Device Driver

username := os.Getenv("ASE_CORE_DEVICE_DRIVER_USER")
password := os.Getenv("ASE_CORE_DEVICE_DRIVER_PASSWORD")
vhost := "/"
configureRegexp := `^ase\.queue\.driver\.`
writeRegexp := `^(ase\.exchange\.core|ase\.queue\.driver\..*)$`
readRegexp := `^(ase\.exchange\.driver|ase\.queue\.driver\..*)$`

Using the default parameters the username is "device-driver-user" and the password is autogenerated (if left blank in the configuration). The password is stored in a kubernetes secret.

This user is allowed to
  • create queues with the "ase.queue.driver." prefix
  • bind these "ase.queue.driver." prefixed queues to the "ase.exchange.driver" exchange
  • consume messages from these "ase.queue.driver." prefixed queues
  • publish to the "ase.exchange.core" exchange

Telemetry

username := os.Getenv("ASE_CORE_TELEMETRY_USER")
password := os.Getenv("ASE_CORE_TELEMETRY_PASSWORD")
vhost := "/"
configureRegexp := "^$"
writeRegexp := `^ase\.exchange\.telemetry$`
readRegexp := "^$"

Using the default parameters, the username is "telemetry-user" and the password is autogenerated (if left blank in the configuration). The password is stored in a kubernetes secret.

This user is allowed to
  • publish to the "ase.exchange.telemetry" exchange

Support

username := os.Getenv("ASE_CORE_SUPPORT_USER")
password := os.Getenv("ASE_CORE_SUPPORT_PASSWORD")
vhost := "/"
configureRegexp := `^(ase\.queue\.telemetry\-support\-|ase\.queue\.support\-)`
writeRegexp := `^(ase\.queue\.telemetry\-support\-.*|ase\.queue\.support\-.*|amq\.gen\-.*|amq\.default)$`
readRegexp := `^(ase\.exchange\.telemetry|ase\.queue\.telemetry\-support\-.*|ase\.queue\.support\-.*)$`

Using the default parameters, the username is "support-user" and the password is autogenerated (if left blank in the configuration). The password is stored in a kubernetes secret.

This user is allowed to
  • create queues with the "ase.queue.telemetry-support-" prefix
  • bind these "ase.queue.telemetry-support-" prefixed queues to the "ase.exchange.telemetry" exchange
  • consume messages from these "ase.queue.telemetry-support-" prefixed queues
  • create queues with the "ase.queue.support-" prefix
  • consume messages from these "ase.queue.support-" prefixed queues
  • publish to "amq.gen-" prefixed queues (incoming messages on "ase.queue.support." will use a replyTo of "amq.gen-")