2 Answers
- Newest
- Most votes
- Most comments
1
It seems some of the policy you posted is formatted outside of the code block so it looks like there's a lot wrong with it (e.g. "**", "{ }", lack of comma between the bucket ARNs). Can you try re-posting your complete policy with the 2nd bucket included, and no special formatting etc?
0
Hi Folks: Figured it out. The brackets were in the wrong places, here is the JSON for the SQS Access Policy that works. What I wanted to achieve was to get two S3 buckets connected to the same SQS Queue:
"Version": "2012-10-17",
"Id": "example-ID",
"Statement": [{
"Sid": "example-statement-ID",
"Effect": "Allow",
"Principal": {
"Service": "s3.amazonaws.com"
},
"Action": "SQS:SendMessage",
"Resource": "arn:aws:sqs:us-east-1:0645********:HammerSQS1",
"Condition": {
"StringEquals": {
"aws:SourceAccount": "0645********"
},
"ArnLike": {
"aws:SourceArn": [
"arn:aws:s3:*:*:contentdisarming-bucket-one",
"arn:aws:s3:*:*:contentdisarming-bucket-two"
]
}
}
}]
}
Hope this saves someone else some time & frustration :)
answered 2 years ago
Relevant content
- Accepted Answer
- asked 2 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
Ok, here goes:
{ "Version": "2012-10-17", "Id": "example-ID", "Statement": [ { "Sid": "example-statement-ID", "Effect": "Allow", "Principal": { "Service": "s3.amazonaws.com" }, "Action": "SQS:SendMessage", "Resource": "arn:aws:sqs:us-east-1:0645********:HammerSQS1", "Condition": { "StringEquals": { "aws:SourceAccount": "0645********" }, "ArnLike": {[ "aws:SourceArn": "arn:aws:s3:::contentdisarming-bucket-one" "aws:SourceArn": "arn:aws:s3:::contentdisarming-bucket-two"] } } } ] }
Thanks