sqs-dg-2009-02-01

Amazon Simple Queue Service Developer Guide
Using The Access Policy Language
Topics
• Overview (p. 33)
• How to Write a Policy (p. 46)
• Amazon SQS Policy Examples (p. 57)
• Special Information for SQS Policies (p. 61)
This section is for Amazon SQS users who want to write their own access control policies.You don't need
to write your own policies if you want to allow access based only on AWS account ID and basic permissions
(e.g., SendMessage, ReceiveMessage). In that case, you can just use the SQS AddPermission action.
If you want to explicitly deny access or allow it based on finer conditions (such as the time the request
comes in or the IP address of the requester), you need to write your own policies and upload them to the
AWS system using the SQS SetQueueAttributes action.
Note
To write your own policies, you must be familiar with JSON. For more information, go to
http://json.org.
The main portion of this section includes basic concepts you need to understand, how to write a policy,
and the logic AWS uses to evaluate policies and decide whether to give the requester access to the
resource. Although most of the information in this section is service-agnostic, there are some SQS-specific
details you need to know. For more information, see Special Information for SQS Policies (p. 61).
API Version 2009-02-01
32