Amazon SQS Access Policy Language key concepts

The result of a Statement that has Effect set to allow.

The activity that the Principal has permission to perform, typically a request to AWS.

The result of a Statement that has no Allow or Explicit-deny settings.

Any restriction or detail about a Permission. Typical conditions are related to date and time and IP addresses.

The result that you want the Statement of a Policy to return at evaluation time. You specify the deny or allow value when you write the policy statement. There can be three possible results at policy evaluation time: Default-deny, Allow, and Explicit-deny.

The result of a Statement that has Effect set to deny.

The process that Amazon SQS uses to determine whether an incoming request should be denied or allowed based on a Policy.

The user who writes a Policy to grant permissions to a resource. The issuer, by definition is always the resource owner. AWS doesn't permit Amazon SQS users to create policies for resources they don't own.

The specific characteristic that is the basis for access restriction.

The concept of allowing or disallowing access to a resource using a Condition and a Key.

The document that acts as a container for one or more statements.

Amazon SQS uses the policy to determine whether to grant access to a user for a resource.

The user who receives Permission in the Policy.

The object that the Principal requests access to.

The formal description of a single permission, written in the access policy language as part of a broader Policy document.

The user who sends a request for access to a Resource.