I'm trying to setup a user policy for a AWS IAM user to access a specific AWS SQS queue.
When I try with below policy, I get the error AccessDenied.
{
"Statement": [
{
"Action": ["sqs:*"],
"Effect": "Allow",
"Resource": ["arn:aws:sqs:us-east-1:my_aws_account_id:queue_name"]
}
]
}
However, when I trying using the same policy, only replacing the queue_name part of arn with *, it works:
{
"Statement": [
{
"Action": ["sqs:*"],
"Effect": "Allow",
"Resource": ["arn:aws:sqs:us-east-1:my_aws_account_id:*"]
}
]
}
What could be the problem when trying to restrict access to specific queue?
What action are you trying to perform with the queue-specific policy? I did the following:
我遇到了类似情况,发现"arn:aws:sqs:*:*:queue_name"
对我"arn:aws:sqs:*:*:queue_name"
。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.