Amazon SQS API 权限：操作为资源参考

当你设置时访问控制并编写可以向各 IAM 身份（附加权限策略），可以使用下表作为参考。的Service 每个亚马逊简单队列服务操作、您可以授予执行操作的权限，以及Amazon您可以为其授予权限的资源。

在策略的 Action 字段中指定操作，并在策略的 Resource 字段中指定资源值。要指定操作，请在操作名称之前使用 sqs: 前缀 (例如，sqs:CreateQueue)。

使用滚动条查看表的其余部分。

亚马逊简单队列服务 API 和这些 API 操作的权限
Amazon Service	所需的权限	资源
`AddPermission`	`sqs:AddPermission`	`arn:aws:sqs:region:account_id:queue_name`
`CancelMessageMoveTask`	`sqs:CancelMessageMoveTask`	`arn:aws:sqs:region:account_id:dlq_queue_name`
	`sqs:ReceiveMessage`
	`sqs:DeleteMessage`
	`sqs:GetQueueAttributes`
`ChangeMessageVisibility`	`sqs:ChangeMessageVisibility`	`arn:aws:sqs:region:account_id:queue_name`
`ChangeMessageVisibilityBatch`	`sqs:ChangeMessageVisibility`	`arn:aws:sqs:region:account_id:queue_name`
`CreateQueue`	`sqs:CreateQueue`	`arn:aws:sqs:region:account_id:queue_name`
`DeleteMessage`	`sqs:DeleteMessage`	`arn:aws:sqs:region:account_id:queue_name`
`DeleteMessageBatch`	`sqs:DeleteMessage`	`arn:aws:sqs:region:account_id:queue_name`
`DeleteQueue`	`sqs:DeleteQueue`	`arn:aws:sqs:region:account_id:queue_name`
`GetQueueAttributes`	`sqs:GetQueueAttributes`	`arn:aws:sqs:region:account_id:queue_name`
`GetQueueUrl`	`sqs:GetQueueUrl`	`arn:aws:sqs:region:account_id:queue_name`
`ListDeadLetterSourceQueues`	`sqs:ListDeadLetterSourceQueues`	`arn:aws:sqs:region:account_id:queue_name`
`ListMessageMoveTasks`	`sqs:ListMessageMoveTasks`	`arn:aws:sqs:region:account_id:dlq_queue_name`
`ListMessageMoveTasks`	`sqs:GetQueueAttributes`	`arn:aws:sqs:region:account_id:dlq_queue_name`
`ListQueues`	`sqs:ListQueues`	`arn:aws:sqs:region:account_id:*`
`ListQueueTags`	`sqs:ListQueueTags`	`arn:aws:sqs:region:account_id:queue_name`
`PurgeQueue`	`sqs:PurgeQueue`	`arn:aws:sqs:region:account_id:queue_name`
`ReceiveMessage`	`sqs:ReceiveMessage`	`arn:aws:sqs:region:account_id:queue_name`
`RemovePermission`	`sqs:RemovePermission`	`arn:aws:sqs:region:account_id:queue_name`
`SendMessage`	`sqs:SendMessage`	`arn:aws:sqs:region:account_id:queue_name`
`SendMessageBatch`	`sqs:SendMessage`	`arn:aws:sqs:region:account_id:queue_name`
`SetQueueAttributes`	`sqs:SetQueueAttributes`	`arn:aws:sqs:region:account_id:queue_name`
`StartMessageMoveTask`	`sqs:StartMessageMoveTask`	`arn:aws:sqs:region:account_id:source_queue_name`
	`sqs:ReceiveMessage`
	`sqs:DeleteMessage`
	`sqs:GetQueueAttributes`
	`sqs:SendMessage`	`arn:aws:sqs:region:account_id:source_queue_name`
`TagQueue`	`sqs:TagQueue`	`arn:aws:sqs:region:account_id:queue_name`
`UntagQueue`	`sqs:UntagQueue`	`arn:aws:sqs:region:account_id:queue_name`

Javascript 在您的浏览器中被禁用或不可用。

要使用 Amazon Web Services 文档，必须启用 Javascript。请参阅浏览器的帮助页面以了解相关说明。

使用最低权限和Amazon KMS策略管理加密队列访问

日志记录和监控