AWS Official Blog

Powerful New Amazon SQS Features

by Jeff Barr | on | in Amazon SQS | | Comments

The Amazon Simple Queue Service (Amazon SQS) launched over three years ago and is the quiet workhorse behind many of the highly scalable applications running on Amazon EC2.

Today we are rolling out some important new features for Amazon SQS including availability from within our EU region, control of access permissions, and more control over the visibility timeout.

Starting today, a complete, self-contained instance of Amazon SQS is available in Europe. You can now choose to build Amazon SQS-driven applications entirely based in Europe or span regions (US and EU) in order to provide geographic diversity.

AWS is also introducing additional permission features that control access to Amazon SQS and to each of its fundamental actions on a very fine-grained basis. You can exercise this control at two levels:

  • At the higher level you can use the new AddPermission and RemovePermission functions to set and remove particular access rights for each queue. Access rights, including the ability to send, receive, or delete messages, change message visibility, or to retrieve queue attributes, can be granted to any AWS user via their AWS account number.
  • At the lower level you can use our new Access Policy Language. This expressive language makes its debut as part of this SQS release; over time, we plan to employ this Access Policy Language with our other services. The Access Policy Language enables the creation of complex rules to enable access to queues based on identity (AWS account number), source IP address, date, time, and more.

With this new permission system you can now use Amazon SQS queues to connect non-AWS applications to AWS applications and to connect AWS applications from different organizations. You could use an open, public queue as a drop box, allowing outside applications to submit work items for processing. This could be a fully public drop box, or it could be limited to requests from a single country by using a policy based on an IP address or address range. Communication between organizations can be established based on IP addresses or AWS accounts, as appropriate.

Finally, the new ChangeMessageVisibility function gives you the power to change the read timeout for an individual SQS message. You would need to do this if it will take more than 30 seconds (the default timeout) to process the message. You can set a timeout of up to 2 hours using this new function. In so doing, you will be able to accommodate applications that require longer processing times for items in the queue.

These new features are available now.

— Jeff;