使用AWS CLI命令在条件中添加SQS权限

时间:2019-07-30 19:59:04

标签: amazon-web-services amazon-iam amazon-sqs aws-cli

如何使用AWS CLI命令添加以下列出的SQS权限?

    "Statement": [
    {
      "Sid": "Sid8390000202",
      "Effect": "Allow",
      "Principal": "*",
      "Action": "SQS:*",
      "Resource": "arn:aws:sqs:us-east-1:12345678:example-queue",
      "Condition": {
        "ArnEquals": {
          "aws:SourceArn": "arn:aws:sns:us-east-1:73628827939:MySNS"
        }
      }
    }
  ]

2 个答案:

答案 0 :(得分:1)

您可以使用以下策略将文件本地保存为set-queue-attributes.json。

{
  "Id": "Policy1564523767951",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1564523766749",
      "Action": "sqs:*",
      "Effect": "Allow",
      "Resource": "arn:aws:sqs:us-east-1:12345678:example-queue",
      "Condition": {
        "ArnEquals": {
          "aws:SourceArn": "arn:aws:sns:us-east-1:73628827939:MySNS"
        }
      },
      "Principal": "*"
    }
  ]
}

然后执行以下CLI命令。

aws sqs set-queue-attributes --queue-url https://sqs.us-east-1.amazonaws.com/12345678/example-queue --attributes file://set-queue-attributes.json

答案 1 :(得分:1)

我必须对@Michael Quale发布的json进行一些补充,以使其正常工作。

{"Policy" : "{\"Id\": \"Policy1564523767951\",\"Version\": \"2012-10-17\",\"Statement\": [{\"Sid\": \"Stmt1564523766749\",\"Action\": \"sqs:*\",\"Effect\": \"Allow\",\"Resource\": \"arn:aws:sqs:us-east-1:12345678:example-queue\",\"Condition\": {\"ArnEquals\": {\"aws:SourceArn\": \"arn:aws:sns:us-east-1:73628827939:MySNS\"}},\"Principal\": \"*\"}]}"}
相关问题
最新问题