getting Resource handler returned message: "Access to the resource https://sqs.us-east-1.amazonaws.com/ on cloudformation

Question

hi..
while trying to create a queuepolicy in cloud formation:

```
SQSNotificationPolicy:
    Type: AWS::SQS::QueuePolicy
    Properties:
      PolicyDocument:
        Version: '2008-10-17'
        Statement:
          - Effect: Allow
            Principal:
              AWS: "*"
            Action: SQS:SendMessage
            Resource: !GetAtt NotificationQueue.Arn
            Condition:
              ArnLike:
                aws:SourceArn: !Sub '{{resolve:ssm:${SNSTopic}}}' 
      Queues:
        - !Ref NotificationQueue
```

i get Resource handler returned message: "Access to the resource https://sqs.us-east-1.amazonaws.com/ is denied 
why?

Answer

Hi, I would start troubleshooting by checking your AWS Identity and Access Management Permissions for how you're trying to deploy the SQS Policy.

1.  Identity Policies for Deploying CloudFormation (Typically the User or Role you are using to deploy the CloudFormation)
2.  (If exists) Ensure the Queue Policy is not blocking access to deploy/update another Queue Policy.
3. If in Organizations, that no SCPs are blocking SQS or any of the necessary permissions.

getting Resource handler returned message: "Access to the resource https://sqs.us-east-1.amazonaws.com/ on cloudformation

相關內容