symfony - Access denied to SQS via AWS SDK

Question

I'm currently working on a website developed with Symfony2 and I need to send messages in an Amazon SQS. In order to do that I added to my composer.json:

"aws/aws-sdk-php": "2.4.*"

Then when I try to create a queue or list queues I've got a 403 error saying:

Access to the resource https://sqs.us-west-2.amazonaws.com/ is denied.

EDIT: added the full error message

AWS Error Code: AccessDenied, Status Code: 403, AWS Request ID: 2fe34c11-7af8-5445-a768-070159a0953e, AWS Error Type: client, AWS Error Message: Access to the resource https://sqs.us-west-2.amazonaws.com/ is denied., User-Agent: aws-sdk-php2/2.4.11 Guzzle/3.7.4 curl/7.25.0 PHP/5.4.3

Here is a sample code of what I do:

$aws = Aws::factory(array(
  'key'    => 'my-key',
  'secret' => 'my-secret',
  'region' => 'us-west-2'
));

$sqs = $aws->get('sqs');

return new Response(var_dump($sqs->listQueues()));

What do I do wrong to get this error ?

Answer 1

挖掘后我发现我使用的帐户没有被授予访问 SQS 服务的权限。

要授予 SQS 对帐户的访问权限，您必须转到亚马逊管理控制台。然后点击 IAM。在此部分下单击用户，然后您可以管理您创建的每个帐户的权限。

Answer 2

确保以下两个策略都允许访问 SQS 队列

1. 基于资源 (SQS) 的策略：SQS 队列应允许您的身份使用该队列。您可以使用队列策略 ( https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-sqs-policy ) 来定义它。默认队列策略将只允许访问队列的所有者（队列的所有者是创建队列的身份）。
2. 基于身份的策略：访问队列的身份策略应该有权调用队列上的操作。

确保访问不受其中任何一个限制。

https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-using-identity-based-policies.html

Answer 3

我遇到了同样奇怪的问题，我已经设置了所有内容，包括策略和权限，几个小时后我发现我收到 403 错误，因为在我的应用程序中配置了错误的 aws 区域ap-south-1，默认情况下它应该是us-east-1