add_permission ( $queue_url, $label, $aws_account_id, $action_name, $opt )

The AddPermission action adds a permission to a queue for a specific principal. This allows for sharing access to the queue.

When you create a queue, you have full control access rights for the queue. Only you (as owner of the queue) can grant or deny permissions to the queue. For more information about these permissions, see Shared Queues in the Amazon SQS Developer Guide.

AddPermission writes an SQS-generated policy. If you want to write your own policy, use SetQueueAttributes to upload your policy. For more information about writing your own policy, see Appendix: The Access Policy Language in the Amazon SQS Developer Guide.

Access

public

Parameters

Parameter

Type

Required

Description

$queue_url

string

Required

The URL of the SQS queue to take action on.

$label

string

Required

The unique identification of the permission you’re setting (e.g., AliceSendMessage). Constraints: Maximum 80 characters; alphanumeric characters, hyphens (-), and underscores (_) are allowed.

$aws_account_id

string
array

Required

The AWS account number of the principal who will be given permission. The principal must have an AWS account, but does not need to be signed up for Amazon SQS. Pass a string for a single value, or an indexed array for multiple values.

$action_name

string
array

Required

The action the client wants to allow for the specified principal. Pass a string for a single value, or an indexed array for multiple values.

$opt

array

Optional

An associative array of parameters that can have the following keys:

  • curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
  • returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

Returns

Type

Description

CFResponse

A CFResponse object containing a parsed HTTP response.

Examples

Give account ID 133904017518 certain permissions on the queue.

// Add permissions to a queue
$sqs = new AmazonSQS();
$response = $sqs->add_permission('example-queue', 'SDKTesting', '133904017518', array(
	'GetQueueAttributes',
	'ChangeMessageVisibility'
));

// Success?
var_dump($response->isOK());
Result:
bool(true)

Related Methods

Source

Method defined in services/sqs.class.php | Toggle source view (18 lines) | View on GitHub

public function add_permission($queue_url, $label, $aws_account_id, $action_name, $opt = null)
{
    if (!$opt) $opt = array();
    $opt['QueueUrl'] = $queue_url;
    $opt['Label'] = $label;
    
    // Required list (non-map)
    $opt = array_merge($opt, CFComplexType::map(array(
        'AWSAccountId' => (is_array($aws_account_id) ? $aws_account_id : array($aws_account_id))
    )));
    
    // Required list (non-map)
    $opt = array_merge($opt, CFComplexType::map(array(
        'ActionName' => (is_array($action_name) ? $action_name : array($action_name))
    )));

    return $this->authenticate('AddPermission', $opt);
}

Copyright © 2010–2013 Amazon Web Services, LLC


Feedback