Amazon AWS SQS-将QueuePolicy应用于现有队列 [英] Amazon AWS SQS - Apply QueuePolicy to existing Queue

查看:94
本文介绍了Amazon AWS SQS-将QueuePolicy应用于现有队列的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

如果我正在通过Cloudformation创建SQS队列,那么在创建了SQS队列之后,您是否能够附加第二个QueuePolicy?

if i am creating an SQS Queue via Cloudformation, are you able to attach an second QueuePolicy after the SQS Queue has been created?

如果我执行以下操作配置:

if i do run this following config:

Resources:
  SQSQueue:
    Properties:
      QueueName: !Ref SQSQueuename
    Type: 'AWS::SQS::Queue'
  QueuePolicy:
    Type: 'AWS::SQS::QueuePolicy'
    Properties:
      PolicyDocument:
        Id: !Ref SQSQueuename
        Statement:
          - Sid: QueuePolicy2-SendMessage-To-Queue-From-SNS-Topic
            Effect: Allow
            Principal:
              AWS: !Ref AccountID
            Action:
              - 'sqs:*'
            Resource: 'arn:aws:sqs:eu-central-1:123456789010:${SQSQueuename}'
      Queues:
        - !Ref SQSQueue 
   DependsOn:
     - SQSQueue

我能够创建附加到创建的另一个QueuePolicy吗排队?而且我将如何附上它?通过ARN吗?

Are i am able to create another QueuePolicy attached to the created Queue? And How would i attach it? Via ARN?

Resources:
  SecondQueuePolicy:
    Type: 'AWS::SQS::QueuePolicy'
    Properties:
      PolicyDocument:
        Id: !Ref SQSQueuename
        Statement:
          - Sid: QueuePolicy2-SendMessage-To-Queue-From-SNS-Topic
            Effect: Allow
            Principal:
              AWS: !Ref AccountID
            Action:
              - 'sqs:*'
            Resource: 'arn:aws:sqs:eu-central-1:123456789010:${SQSQueuename}'
      Queues:
        - !Ref SQSQueue <-- how do i ref to the Queue ?
   DependsOn:
     - SQSQueue


推荐答案

在第一个模板中,确保导出队列URL和名称:

In your first template make sure you export the queue URL and name:

Outputs: 
  QueueURL: 
    Value: !Ref SQSQueue
    Export:
      Name: ExampleStack-QueueURL
  QueueName: 
    Value: !GetAtt SQSQueue.QueueName
    Export:
      Name: ExampleStack-QueueName

在第二个模板中,导入新导出的值(不需要DependsOn):

In the second template import the newly exported values (no need for DependsOn):

  SecondQueuePolicy:
    Type: 'AWS::SQS::QueuePolicy'
    Properties:
      PolicyDocument:
        Id: !Ref SQSQueuename
        Statement:
          - Sid: QueuePolicy2-SendMessage-To-Queue-From-SNS-Topic
            Effect: Allow
            Principal:
              AWS: !Ref AccountID
            Action:
              - 'sqs:*'
            Resource:
              Fn::Sub:
                - 'arn:aws:sqs:eu-central-1:123456789010:${QueueName}'
                - QueueName:
                    Fn::ImportValue: ExampleStack-QueueName
      Queues:
        - Fn::ImportValue: ExampleStack-QueueURL

这篇关于Amazon AWS SQS-将QueuePolicy应用于现有队列的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆