sqs-dg-2009-02-01
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Amazon Simple Queue Service Developer Guide<br />
Using the Access Policy Language<br />
Using the Access Policy Language<br />
The following figure and table describe the general process of how access control works with the access<br />
policy language.<br />
Process for Using Access Control with the Access Policy Language<br />
1<br />
2<br />
3<br />
4<br />
5<br />
6<br />
You write a policy for your resource.<br />
For example, you write a policy to specify permissions for your Amazon SQS queues. For more<br />
information, see How to Write a Policy (p. 46).<br />
You upload your policy to AWS.<br />
The AWS service itself provides an API you use to upload your policies. For example, you use<br />
the Amazon SQS SetQueueAttributes action to upload a policy for a particular Amazon SQS<br />
queue.<br />
Someone sends a request to use your resource.<br />
For example, a user sends a request to SQS to use one of your queues.<br />
The AWS service determines which policies are applicable to the request.<br />
For example, SQS looks at all the available SQS policies and determines which ones are applicable<br />
(based on what the resource is, who the requester is, etc.).<br />
The AWS service evaluates the policies.<br />
For example, SQS evaluates the policies and determines if the requester is allowed to use your<br />
queue or not. For information about the decision logic, see Evaluation Logic (p. 39).<br />
The AWS service either denies the request or continues to process it.<br />
For example, based on the policy evaluation result, the service either returns an "Access denied"<br />
error to the requester or continues to process the request.<br />
Related Topics<br />
• Architectural Overview (p. 36)<br />
API Version <strong>2009</strong>-<strong>02</strong>-<strong>01</strong><br />
38