Debugging SQS::QueuePolicy in AWS


At work I needed to deploy an SQS queue along with policies to restrict access to the correct roles.

I came across an annoying error, which took way to long to figure out.

I originally started writing this as I assumed it would be some obscure problem that could affect other people…..in reality it was more of a typo, but i’ll write about it anyway.

The error i got when trying to deploy via serverless was:

An error occurred: SQSQueuePolicy – Invalid value for the parameter Policy. (Service: AmazonSQS; Status Code: 400; Error Code: InvalidAttributeValue; Request ID XXXXX)

This wasn’t that helpful, since 90% of this resource was the policy.

Eventually I ended up copying a policy from the AWS website, and then comparing my copy to theirs, moving parts of the Statement block over and testing.

In the end i had my entire policy in their structure, and it worked. So i ran a diff…..turns out i had – Sid:: SendReceiveDelete rather than – Sid: SendReceiveDelete.

It would be really good if AWS could improve the error message to highlight at least the line of the policy that has an issue…it would have saved a lot of time!


Leave a Reply

Your email address will not be published. Required fields are marked *