Creating SQS in serverless gives an error: sqs:CreateQueue Access to the resource https://sqs.xx-west-1.amazonaws.com/ is denied

Hi, I am trying to create a SQS using the serveless framework, however I keep getting access denied.
I have double checked and I have all of the permission on my user.

This is what I have in my serverless yaml:

service: createQueueService

provider:
  name: aws
  runtime: nodejs8.10
  region: xx-west-1
  iamRoleStatements:
    - Effect: "Allow"
      Action:
       - "sqs:SendMessage"
       - "sqs:GetQueueAttributes"
       - "sqs:GetQueueUrl"
       - "sqs:ListQueues"
      Resource: "arn:aws:sqs:::HtmlToPDFQueue"


functions:
  createQueue:
    handler: handler.createQueue
    timeout: 15
    events:
      - http:
          path: createqueue
          method: post
          cors: true


resources:
  Resources:
    HtmlToPDFQueue:
      Type: "AWS::SQS::Queue"
      Properties:
        QueueName: "HtmlToPDFQueue"

If anyone knows how I can fix this or I am doing something wrong, please let me know. thank you.

Hi, maybe you have a typo in your region? I don’t think that the xx-west-1 region exists.
The regions list it here https://docs.aws.amazon.com/general/latest/gr/rande.html

p.s I think you can use Resource: !GetAtt HtmlToPDFQueue.Arn instead of const.

1 Like

Hi, the I typed xx-west-1 just to hide eu-west-1, didnt actually typed the xx lol.
Anyway, problem solved, my Resource arn was wrong and I hade some additional access to sort out for my user.

Haha, happy you have found the problem :slight_smile: as for arn - that’s why I proposed to use !GetAtt HtmlToPDFQueue.Arn

1 Like