sqs-dg-2009-02-01
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Amazon Simple Queue Service Developer Guide<br />
Using The Access Policy Language<br />
Topics<br />
• Overview (p. 33)<br />
• How to Write a Policy (p. 46)<br />
• Amazon SQS Policy Examples (p. 57)<br />
• Special Information for SQS Policies (p. 61)<br />
This section is for Amazon SQS users who want to write their own access control policies.You don't need<br />
to write your own policies if you want to allow access based only on AWS account ID and basic permissions<br />
(e.g., SendMessage, ReceiveMessage). In that case, you can just use the SQS AddPermission action.<br />
If you want to explicitly deny access or allow it based on finer conditions (such as the time the request<br />
comes in or the IP address of the requester), you need to write your own policies and upload them to the<br />
AWS system using the SQS SetQueueAttributes action.<br />
Note<br />
To write your own policies, you must be familiar with JSON. For more information, go to<br />
http://json.org.<br />
The main portion of this section includes basic concepts you need to understand, how to write a policy,<br />
and the logic AWS uses to evaluate policies and decide whether to give the requester access to the<br />
resource. Although most of the information in this section is service-agnostic, there are some SQS-specific<br />
details you need to know. For more information, see Special Information for SQS Policies (p. 61).<br />
API Version <strong>2009</strong>-<strong>02</strong>-<strong>01</strong><br />
32
Change language