addPermission method

Future<void> addPermission({
  1. required List<String> awsAccountIds,
  2. required List<String> actions,
  3. required String label,
  4. required String queueUrl,
})

Adds a permission to a queue for a specific principal. This allows sharing access to the queue.

When you create a queue, you have full control access rights for the queue. Only you, the owner of the queue, can grant or deny permissions to the queue. For more information about these permissions, see Allow Developers to Write Messages to a Shared Queue in the Amazon Simple Queue Service Developer Guide.

  • AddPermission generates a policy for you. You can use SetQueueAttributes to upload your policy. For more information, see Using Custom Policies with the Amazon SQS Access Policy Language in the Amazon Simple Queue Service Developer Guide.
  • An Amazon SQS policy can have a maximum of 7 actions.
  • To remove the ability to change queue permissions, you must deny permission to the AddPermission, RemovePermission, and SetQueueAttributes actions in your IAM policy.
Some actions take lists of parameters. These lists are specified using the param.n notation. Values of n are integers starting from 1. For example, a parameter list with two elements looks like this:

&AttributeName.1=first

&AttributeName.2=second

May throw OverLimit.

Parameter awsAccountIds : The AWS account number of the principal who is given permission. The principal must have an AWS account, but does not need to be signed up for Amazon SQS. For information about locating the AWS account identification, see Your AWS Identifiers in the Amazon Simple Queue Service Developer Guide.

Parameter actions : The action the client wants to allow for the specified principal. Valid values: the name of any action or *.

For more information about these actions, see Overview of Managing Access Permissions to Your Amazon Simple Queue Service Resource in the Amazon Simple Queue Service Developer Guide.

Specifying SendMessage, DeleteMessage, or ChangeMessageVisibility for ActionName.n also grants permissions for the corresponding batch versions of those actions: SendMessageBatch, DeleteMessageBatch, and ChangeMessageVisibilityBatch.

Parameter label : The unique identification of the permission you're setting (for example, AliceSendMessage). Maximum 80 characters. Allowed characters include alphanumeric characters, hyphens (-), and underscores (_).

Parameter queueUrl : The URL of the Amazon SQS queue to which permissions are added.

Queue URLs and names are case-sensitive.

Implementation

Future<void> addPermission({
  required List<String> awsAccountIds,
  required List<String> actions,
  required String label,
  required String queueUrl,
}) async {
  ArgumentError.checkNotNull(awsAccountIds, 'awsAccountIds');
  ArgumentError.checkNotNull(actions, 'actions');
  ArgumentError.checkNotNull(label, 'label');
  ArgumentError.checkNotNull(queueUrl, 'queueUrl');
  final $request = <String, dynamic>{};
  $request['AWSAccountIds'] = awsAccountIds;
  $request['Actions'] = actions;
  $request['Label'] = label;
  $request['QueueUrl'] = queueUrl;
  await _protocol.send(
    $request,
    action: 'AddPermission',
    version: '2012-11-05',
    method: 'POST',
    requestUri: '/',
    exceptionFnMap: _exceptionFns,
    shape: shapes['AddPermissionRequest'],
    shapes: shapes,
  );
}