Create IAM policy
- Navigate to IAM in the AWS console
- Under Access management in the sidebar menu click Policies
- Click Create policy
- Select the JSON tab and delete the default text.
- Copy and paste in the JSON below. Replace
<sqs arn>
with the SQS ARN you saved in an earlier step.
Using the example from this document<sqs arn>
would be replaced witharn:aws:sqs:us-east-2:307946633993:netflow1-queue
. Replace<bucketname>
with your S3 bucket name created in a previous step.
{
"Version":"2012-10-17",
"Statement":[
{
"Sid":"VisualEditor0",
"Effect":"Allow",
"Action":[
"sqs:DeleteMessage",
"sqs:GetQueueUrl",
"sqs:ReceiveMessage",
"sqs:GetQueueAttributes",
"s3:ListBucket*",
"s3:GetObject*",
"s3:DeleteObject*"
],
"Resource":[
"<sqs arn>",
"arn:aws:s3:::<bucketname>/*",
"arn:aws:s3:::<bucketname>"
]
}
]
}
- The result should look like the following
- Click Next
- Give the policy a name
- Click Create policy
Updated 3 months ago