Backend Helpers | Automation and Software Development for Cloud Applications
Amazon Simple Queue Service (Amazon SQS) is a distributed message queuing service that supports programmatic sending of messages via web service applications as a way to communicate over the Internet. This post is about how to use this service.
It is a good security practice to create an admin group and a user associated with this group. This user will be responsible for administrative tasks such as creating or deleting queues.
aws iam create-group --group-name Admins
We must define a policy that contains a set of permissions and then assign the policy to a group. To create the admin policy, first create a file named admin-policy.json:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["*"],
      "Resource": ["*"]
    }
  ]
}
Now we can assign the policy defined in the JSON file to the Admins group:
aws iam put-group-policy --group-name Admins \
    --policy-document file://admin-policy.json \
    --policy-name AdminRoot
After creating the Admins group, it is a good idea to create an admin user and add this user to the Admins group. Using AWS with your main AWS access keys is not recommended.
aws iam create-user --user-name mycloudadmin
aws iam add-user-to-group --user-name mycloudadmin \
    --group-name Admins
By typing aws sqs help we can see all the options available for this service. We can create a queue with the command below:
aws sqs create-queue --queue-name MyQueue \
    --region us-west-2
We can verify the queue creation with the command aws sqs list-queues
First of all, we need to create a group named webapp:
aws iam create-group --group-name webapp
We will set up an access policy that allows the webapp group to read, put and delete messages from MyQueue. To do so, we create a sqs-policy.json file:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["SQS:SendMessage", "SQS:ReceiveMessage", "SQS:DeleteMessage"],
      "Resource": "arn:aws:sqs:*:123456789012:MyQueue"
    }
  ]
}
You must change the resource ARN according to your own data. The format is arn:aws:sqs:region:account_ID:queue_name
aws iam put-group-policy --group-name webapp \
    --policy-document file://sqs-policy.json \
    --policy-name webappSQS
aws iam create-user --user-name myweb
aws iam create-access-key --user-name myweb
aws iam add-user-to-group --user-name myweb \
    --group-name webapp
aws sqs send-message \
    --queue-url https://us-west-2.queue.amazonaws.com/123456789012/MyQueue \
    --message-body '{"msg": "hello world"}'
aws sqs receive-message \
    --queue-url https://us-west-2.queue.amazonaws.com/123456789012/MyQueue \
    --max-number-of-messages 10
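As an added example (not code from the original post), the Python sketch below evaluates the two policy documents above, admin-policy.json and sqs-policy.json, against a few constructed requests to show what each group can actually do. It is a simplified evaluator that only understands Effect, Action and Resource; the probe list and the function names are assumptions made for illustration.

```python
import re

# The two policy documents from this page (admin-policy.json, sqs-policy.json).
ADMIN = {"Version": "2012-10-17",
         "Statement": [{"Effect": "Allow", "Action": ["*"], "Resource": ["*"]}]}
WEBAPP = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Action": ["SQS:SendMessage", "SQS:ReceiveMessage", "SQS:DeleteMessage"],
    "Resource": "arn:aws:sqs:*:123456789012:MyQueue"}]}
QUEUE = "arn:aws:sqs:us-west-2:123456789012:MyQueue"
# Constructed probes: (action, resource) pairs worth checking before rollout.
PROBES = [
    ("sqs:SendMessage", QUEUE),
    ("sqs:DeleteQueue", QUEUE),                                    # admin task
    ("sqs:SendMessage", QUEUE.replace("us-west-2", "eu-west-1")),  # '*' region
    ("sqs:SendMessage", QUEUE.replace("MyQueue", "OtherQueue")),
    ("iam:CreateAccessKey", "arn:aws:iam::123456789012:user/myweb"),
]


def _glob(pattern, value, ignore_case=False):
    """IAM-style wildcards: '*' matches any run of characters, '?' exactly one."""
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(regex, value, re.I if ignore_case else 0) is not None


def _listify(value):
    return value if isinstance(value, list) else [value]


def is_allowed(policy, action, resource):
    """Simplified: explicit Deny wins, else any matching Allow; no Condition/NotAction."""
    allowed = False
    for stmt in _listify(policy["Statement"]):
        hit = (any(_glob(a, action, True) for a in _listify(stmt["Action"]))
               and any(_glob(r, resource) for r in _listify(stmt["Resource"])))
        if hit and stmt["Effect"] == "Deny":
            return False
        allowed = allowed or (hit and stmt["Effect"] == "Allow")
    return allowed


def audit(policy):
    return {probe: is_allowed(policy, *probe) for probe in PROBES}


if __name__ == "__main__":
    for name, policy in (("Admins", ADMIN), ("webapp", WEBAPP)):
        print(name, [f"{a} on {r}" for (a, r), ok in audit(policy).items() if ok])
```

The `*` in the region field of the webapp ARN makes the policy match a queue named MyQueue in every region of the account; putting a concrete region there pins it to a single queue.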