Granular access for a Message-VPN user on Solace Cloud.

uherbst · February 5, 2021, 10:16am

Hi Abu,

question 1: granular level access:
As documented here: https://docs.solace.com/Configuring-and-Managing/CLI-User-Access-Levels.htm#CLI, there are 4 levels of access: none, read-only, read-write and admin.
Admin is for the whole broker.
read-only & read-write can be configured for the whole broker or for single message-vpns.

question 2: separate business logic from broker configuration:

Our APIs have calls to automatically create queues and topic subscriptions - but that’s not true for all supported APIs (eg: the MQTT standard does not support this)
we support REST-API calls to the broker to configure all necessary objects like queues, profiles, topic subscriptions.

Common practice is: create client-username(s), client-profiles, acl-profiles, topic-subscriptions outside the business logic (manually or automatically in your CI/CD pipeline).

Topic		Replies	Views
Is it possible to set up broker specific access In Pub Sub + Cloud PubSub+ Event Portal security	2	6	May 19, 2025
Is there a difference for Solace CLI Commands in PubSub+ Cloud / Software Event Broker / Appliance PubSub+ Event Broker cli , solace-cloud , solacepubsub	3	155	October 30, 2023
PubSub+ Maximum Message VPNs PubSub+ Event Broker	3	174	June 14, 2024
Automate entire broker service using terraform and backup General Discussions broker , solacepubsub	4	44	March 18, 2025
The limitations in User Authentication within the event broker PubSub+ Event Broker event-portal , solacepubsub	6	101	December 10, 2024

Granular access for a Message-VPN user on Solace Cloud.

Related topics