Amazon_SQS_7
SQS queues might contain sensitive information. Determine the specific principals and their required actions, and then craft an IAM policy with the required permissions.
From console
1. Open the Amazon SQS console at https://console.aws.amazon.com/sqs/.
2. In the navigation pane, choose Queues.
3. Choose a queue and choose Edit.
4. Scroll to the Access policy section.
5. Edit the access policy statements in the input box, or use the AWS Policy Generator tool: https://awspolicygen.s3.amazonaws.com/policygen.html.
6. In the policy, when Effect is 'Allow', make sure you DO NOT specify Action='sqs:*' and Principal='*', and add a condition to the policy statement.
7. When you finish configuring the access policy, choose Save.
From CLI
1. Create a .json file with the policy statement.
2. Apply it to the queue:
aws sqs set-queue-attributes --queue-url QUEUE_URL --attributes file://UPDATE_ATTRIBUTES.JSON
where the file contains the new policy for the queue.
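The check from the console steps and the attributes file from the CLI steps can be scripted together. The following is an added example, not part of the original page: it flags Allow statements with a wildcard action, a wildcard principal or no condition, and wraps a clean policy in the attribute map that set-queue-attributes reads, where the policy is a JSON string under the "Policy" key. The account ID, role, queue ARN and both sample policies are constructed placeholders.

```python
import json

def _as_list(value):
    """Policy fields may hold a single value or a list of values."""
    return value if isinstance(value, list) else [value]

def _wildcard_principal(principal):
    # "*" and {"AWS": "*"} both mean "anyone".
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any("*" in _as_list(v) for v in principal.values())
    return False

def audit_queue_policy(policy):
    """Return (sid, finding) pairs for Allow statements that break the rule."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"statement[{i}]")
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        if any(a in ("*", "sqs:*") for a in actions):
            findings.append((sid, "wildcard action"))
        if _wildcard_principal(stmt.get("Principal")):
            findings.append((sid, "wildcard principal"))
        if not stmt.get("Condition"):
            findings.append((sid, "no condition"))
    return findings

def to_attributes(policy):
    """Build the attribute map: the policy goes in as a JSON string."""
    return {"Policy": json.dumps(policy)}

# Constructed samples; every identifier below is a placeholder.
QUEUE_ARN = "arn:aws:sqs:us-east-1:111122223333:example-queue"
OPEN_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "Open", "Effect": "Allow", "Principal": "*",
     "Action": "sqs:*", "Resource": QUEUE_ARN}]}
SCOPED_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "ProducerSend", "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::111122223333:role/example-producer"},
     "Action": ["sqs:SendMessage"], "Resource": QUEUE_ARN,
     "Condition": {"Bool": {"aws:SecureTransport": "true"}}}]}

if __name__ == "__main__":
    for name, pol in (("open", OPEN_POLICY), ("scoped", SCOPED_POLICY)):
        print(name, audit_queue_policy(pol) or "ok")
    # Save this output as the file passed to --attributes file://...
    print(json.dumps(to_attributes(SCOPED_POLICY), indent=2))
```

The script does not evaluate NotPrincipal or NotAction elements, so statements that use them still need manual review.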
Reference:
1. https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-authentication-and-access-control.html
2. https://awscli.amazonaws.com/v2/documentation/api/latest/reference/sqs/set-queue-attributes.html
3. https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-policy.html
4. https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy