diff --git a/ansible/roles/rabbitmq/templates/rabbitmq.json.j2 b/ansible/roles/rabbitmq/templates/rabbitmq.json.j2
index 8eb38dc37efb944d7e0e808ba29a10345b1066d3..82d7ad0bb775223782d6b73ffe7d358a2dce9adb 100644
--- a/ansible/roles/rabbitmq/templates/rabbitmq.json.j2
+++ b/ansible/roles/rabbitmq/templates/rabbitmq.json.j2
@@ -1,5 +1,5 @@
 {
-    "command": "sudo -H -u rabbitmq /usr/sbin/rabbitmq-server",
+    "command": "/usr/sbin/rabbitmq-server",
     "config_files": [
         {
             "source": "{{ container_config_directory }}/rabbitmq-env.conf",
diff --git a/docker/rabbitmq/Dockerfile.j2 b/docker/rabbitmq/Dockerfile.j2
index f806f897796a338ff656343d5578271f3bc9b97c..fad8c4e4a70d122a77e4834318f71d345ec9089c 100644
--- a/docker/rabbitmq/Dockerfile.j2
+++ b/docker/rabbitmq/Dockerfile.j2
@@ -28,6 +28,12 @@ RUN /usr/lib/rabbitmq/bin/rabbitmq-plugins enable --offline \
     && /bin/true
 
 COPY extend_start.sh /usr/local/bin/kolla_extend_start
-RUN chmod 755 /usr/local/bin/kolla_extend_start
+COPY rabbitmq_sudoers /etc/sudoers.d/rabbitmq_sudoers
+RUN chmod 755 /usr/local/bin/kolla_extend_start \
+    && chmod 750 /etc/sudoers.d \
+    && chmod 440 /etc/sudoers.d/rabbitmq_sudoers \
+    && usermod -a -G kolla rabbitmq
 
 {{ include_footer }}
+
+USER rabbitmq
\ No newline at end of file
diff --git a/docker/rabbitmq/extend_start.sh b/docker/rabbitmq/extend_start.sh
index e1c1007e33c872ff55027d3d80e564de5c849a62..06e71e810eed8f5d67da0060d910282c771533b0 100644
--- a/docker/rabbitmq/extend_start.sh
+++ b/docker/rabbitmq/extend_start.sh
@@ -3,8 +3,8 @@
 # Bootstrap and exit if KOLLA_BOOTSTRAP variable is set. This catches all cases
 # of the KOLLA_BOOTSTRAP variable being set, including empty.
 if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
+    sudo chown -R rabbitmq: /var/lib/rabbitmq
     echo "${RABBITMQ_CLUSTER_COOKIE}" > /var/lib/rabbitmq/.erlang.cookie
-    chown -R rabbitmq: /var/lib/rabbitmq
     chmod 400 /var/lib/rabbitmq/.erlang.cookie
     exit 0
 fi
diff --git a/docker/rabbitmq/rabbitmq_sudoers b/docker/rabbitmq/rabbitmq_sudoers
new file mode 100644
index 0000000000000000000000000000000000000000..7d3d091d8a267796de00ff06191f197014de3f60
--- /dev/null
+++ b/docker/rabbitmq/rabbitmq_sudoers
@@ -0,0 +1 @@
+%kolla ALL=(root) NOPASSWD: /usr/bin/chown -R rabbitmq\: /var/lib/rabbitmq, /bin/chown -R rabbitmq\: /var/lib/rabbitmq