When creating a publicly accessible Amazon MQ instance (with RabbitMQ under the hood), I can easily log in to the web console.
However when creating an MQ instance using the same settings and credentials through CDK I can't log in to the web console. The only response from the RabbitMQ service is
{
"error": "not_authorised",
"reason": "Login failed"
}
The Cloudwatch logs indicate that the user was created, but also warn that the user tried to log in using invalid credentials:
2021-07-02 14:20:54.867 [info] <0.1474.0> Created user 'admin'
2021-07-02 14:20:55.587 [info] <0.1481.0> Successfully set user tags for user 'admin' to [administrator]
2021-07-02 14:20:56.295 [info] <0.1488.0> Successfully set permissions for 'admin' in virtual host '/' to '.*', '.*', '.*'
2021-07-02 14:26:14.529 [warning] <0.1639.0> HTTP access denied: user 'admin' - invalid credentials
The construction of the Broker looks like this:
private createMessageBroker(vpc: Vpc, stage: Stage) {
const password: Secret = new Secret(this, 'BrokerAdminPassword', {
generateSecretString: { excludePunctuation: true },
description: 'Password for the Message Broker User',
});
const user: CfnBroker.UserProperty = {
consoleAccess: true,
username: 'admin',
password: password.toString(),
};
new CfnBroker(this, 'TaskMessageBroker', {
autoMinorVersionUpgrade: true,
brokerName: 'MessageBroker',
deploymentMode: 'SINGLE_INSTANCE',
engineType: 'RABBITMQ',
engineVersion: '3.8.11',
hostInstanceType: 'mq.t3.micro',
publiclyAccessible: true,
users: [user],
logs: { general: true },
});
}
Try using the following instead when instantiating your UserProperty
const user: CfnBroker.UserProperty = {
consoleAccess: true,
username: 'admin',
password: password.secretValue.toString(),
}