sqs-dg-2009-02-01
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Amazon Simple Queue Service Developer Guide<br />
Amazon SQS Actions<br />
Example<br />
Following is an ARN for a queue named my_queue in the us-east-1 region, belonging to AWS Account<br />
123456789<strong>01</strong>2.<br />
arn:aws:<strong>sqs</strong>:us-east-1:123456789<strong>01</strong>2:my_queue<br />
Example<br />
If you had a queue named my_queue in each of the different Regions that Amazon SQS supports, you<br />
could specify the queues with the following ARN.<br />
arn:aws:<strong>sqs</strong>:*:123456789<strong>01</strong>2:my_queue<br />
You can use * and ? wildcards in the queue name. For example, the following could refer to all the queues<br />
Bob has created, which he has prefixed with bob_.<br />
arn:aws:<strong>sqs</strong>:*:123456789<strong>01</strong>2:bob_*<br />
As a convenience to you, SQS has a queue attribute called Arn whose value is the queue's ARN. You<br />
can get the value by calling the SQS GetQueueAttributes action.<br />
Amazon SQS Actions<br />
All Amazon SQS actions that you specify in a policy must be prefixed with the lowercase string <strong>sqs</strong>:.<br />
For example, <strong>sqs</strong>:CreateQueue.<br />
Before the introduction of AWS IAM, you could use an SQS policy with a queue to specify which AWS<br />
Accounts have access to the queue.You could also specify the type of access (e.g., <strong>sqs</strong>:SendMessage,<br />
<strong>sqs</strong>:ReceiveMessage, etc.). The specific actions you could grant permission for were a subset of the<br />
overall set of SQS actions. When you wrote an SQS policy and specified * to mean "all the SQS actions",<br />
that meant all actions in that subset. That subset originally included:<br />
• <strong>sqs</strong>:SendMessage<br />
• <strong>sqs</strong>:ReceiveMessage<br />
• <strong>sqs</strong>:ChangeMessageVisibility<br />
• <strong>sqs</strong>:DeleteMessage<br />
• <strong>sqs</strong>:GetQueueAttributes (for all attributes except Policy)<br />
With the introduction of AWS IAM, that list of actions expanded to include the following actions:<br />
• <strong>sqs</strong>:CreateQueue<br />
• <strong>sqs</strong>:DeleteQueue<br />
• <strong>sqs</strong>:ListQueues<br />
The actions related to granting and removing permissions from a queue (<strong>sqs</strong>:AddPermission, etc.)<br />
are reserved and so don't appear in the preceding two lists. This means that Users in the AWS Account<br />
can't use those actions. However, the AWS Account can use those actions.<br />
API Version <strong>2009</strong>-<strong>02</strong>-<strong>01</strong><br />
67