Views
2 weeks ago

sqsputapi

Amazon Simple Queue

Amazon Simple Queue Service Developer Guide Amazon SQS Policy Examples Amazon SQS Policy Examples This section shows example policies for common Amazon SQS use cases. The following example policy gives the developer with AWS account number 123456789012 the SendMessage permission for the queue named 987654321098/queue1. { } "Version": "2008-10-17", "Id": "Queue1_Policy_UUID", "Statement": { "Sid":"Queue1_SendMessage", "Effect": "Allow", "Principal": { "AWS": "123456789012" }, "Action": "sqs:SendMessage", "Resource": "/987654321098/queue1" } The following example policy gives the developer with AWS account number 123456789012 both the SendMessage and ReceiveMessage permission for the queue named 987654321098/queue1. { } "Version": "2008-10-17", "Id": "Queue1_Policy_UUID", "Statement": { "Sid":"Queue1_Send_Receive", "Effect": "Allow", "Principal": { "AWS": "123456789012" }, "Action": ["sqs:SendMessage","sqs:ReceiveMessage"], "Resource": "/987654321098/queue1" } The following example policy gives two different developers (with AWS account numbers 123456789012 and 555566667777) permission to use all actions that SQS allows shared access for the queue named 987654321098/queue1. { "Version": "2008-10-17", "Id": "Queue1_Policy_UUID", "Statement": { "Sid":"Queue1_AllActions", "Effect": "Allow", "Principal": { "AWS": ["123456789012","555566667777"] }, "Action": "sqs:*", API Version 2009-02-01 57

Amazon Simple Queue Service Developer Guide Amazon SQS Policy Examples } } "Resource": "/987654321098/queue1" The following example policy gives all users ReceiveMessage permission for the queue named 987654321098/queue1. { } "Version": "2008-10-17", "Id": "Queue1_Policy_UUID", "Statement": { "Sid":"Queue1_AnonymousAccess_ReceiveMessage", "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": "sqs:ReceiveMessage", "Resource": "/987654321098/queue1" } The following example policy gives all users ReceiveMessage permission for the queue named 987654321098/queue1, but only between noon and 3:00 p.m. on January 31, 2009. { } "Version": "2008-10-17", "Id": "Queue1_Policy_UUID", "Statement": { "Sid":"Queue1_AnonymousAccess_ReceiveMessage_TimeLimit", "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": "sqs:ReceiveMessage", "Resource": "/987654321098/queue1", "Condition" : { "DateGreaterThan" : { "aws:CurrentTime":"2009-01-31T12:00Z" }, "DateLessThan" : { "aws:CurrentTime":"2009-01-31T15:00Z" } } } The following example policy gives all users permission to use all possible SQS actions that can be shared for the queue named 987654321098/queue1, but only if the request comes from the 192.168.143.0/24 range. { "Version": "2008-10-17", "Id": "Queue1_Policy_UUID", API Version 2009-02-01 58