Docs

Create IAM policy

Suggest Edits
  1. Navigate to IAM in the AWS console

  1. Under Access management in the sidebar menu click Policies

  1. Click Create policy

  1. Select the JSON tab and delete the default text.

  1. Copy and paste in the JSON below. Replace <sqs arn> with the SQS ARN you saved in an earlier step.
    Using the example from this document <sqs arn> would be replaced with arn:aws:sqs:us-east-2:307946633993:netflow1-queue. Replace <bucketname> with your S3 bucket name created in a previous step. 
{  
   "Version":"2012-10-17",  
   "Statement":[  
      {  
         "Sid":"VisualEditor0",  
         "Effect":"Allow",  
         "Action":[  
            "sqs:DeleteMessage",  
            "sqs:GetQueueUrl",  
            "sqs:ReceiveMessage",  
            "sqs:GetQueueAttributes",  
            "s3:ListBucket*",  
            "s3:GetObject*",  
            "s3:DeleteObject*"  
         ],  
         "Resource":[  
            "<sqs arn>",  
            "arn:aws:s3:::<bucketname>/*",  
            "arn:aws:s3:::<bucketname>"  
         ]  
      }  
   ]  
}

  1. The result should look like the following

  1. Click Next

  1. Give the policy a name

  1. Click Create policy

Updated about 1 month ago