Using custom policies with the Amazon SQS Access Policy Language (original) (raw)

DocumentationAmazon Simple Queue ServiceDeveloper Guide

To grant basic permissions (such as SendMessage or ReceiveMessage) based only on an AWS account ID, you don’t need to write a custom policy. Instead, use the Amazon SQS AddPermission action.

To allow or deny access based on specific conditions, such as request time or the requester's IP address, you must create a custom Amazon SQS policy and upload it using the SetQueueAttributes action.

Topics

• Access control architecture
• Access control process workflow
• Access Policy Language key concepts
• Access Policy Language evaluation logic
• Relationships between explicit and default denials
• Custom policy limitations
• Custom Access Policy Language examples

Document Conventions

Basic Amazon SQS policy examples

Access control architecture

Did this page help you? - Yes

Thanks for letting us know we're doing a good job!

If you've got a moment, please tell us what we did right so we can do more of it.

Did this page help you? - No

Thanks for letting us know this page needs work. We're sorry we let you down.

If you've got a moment, please tell us how we can make the documentation better.