1

creating SQS policy : its giving me error Resource handler returned message: "Invalid value for the parameter Policy. (Service: Sqs, Status Code: 400, Request ID: 5d7ffb34-bd69-5409-aec7-a1809c4f6aeb, Extended Request ID: null)" (RequestToken: 0f7979cf-6aae-a59b-e687-99ba47279537, HandlerErrorCode: GeneralServiceException)

Not sure what is wrong here , I have referred this Stackoverflow

SQSQueuePolicy:
   Type: AWS::SQS::QueuePolicy
   Properties:
     PolicyDocument:
      Version: '2008-10-17'
      Id: '__default_policy_ID'
      Statement:
      - Sid: '__owner_statement'
        Effect: Allow
        Principal:
          AWS: 'arn:aws:iam::${AWS::AccountId}:root'
        Action: 'SQS:*'
        Resource: !GetAtt test12StandardQueue.Arn
      - Sid: 'Allow-SNS-SendMessage'
        Effect: Allow
        Principal: '*'
        Action: SQS:SendMessage
        Resource: !GetAtt test12StandardQueue.Arn
        Condition:
         ArnLike:
          aws:SourceArn: !Ref SNSTopicARN
     Queues:
        - !Ref test12StandardQueue
  1. I have tried instead of Version: '2008-10-17' or '2012-10-17' but same error
Marcin
  • 215,873
  • 14
  • 235
  • 294
Nitish
  • 47
  • 4

1 Answers1

0

Instead of

   AWS: 'arn:aws:iam::${AWS::AccountId}:root'

it should be:

   AWS: !Sub 'arn:aws:iam::${AWS::AccountId}:root'
Marcin
  • 215,873
  • 14
  • 235
  • 294
  • @Nitish No problem. [Accpeptance](https://meta.stackoverflow.com/questions/251078/how-to-update-and-accept-answers/251399#251399) of the answer would be appreciated. – Marcin Mar 23 '22 at 07:14