K2xL

Reputation: 10270

Why use Amazon SQS when private keys are exposed

So this might be a silly question, but what is the point of using Amazon SQS if it requires a private and public key? If the client has the private and public key, they could probably discover the keys via decompilation or some other means...

The only secure way I could think of would be to use a proxy (like PHP) that has the private and public keys. But then what is the point of using SQS in the first place? The main benefit of SQS (I can see) is that it can scale upwards and you don't have to worry about how many messages you are receiving. But if you are going to be using a proxy then you will have to scale that too... I hope my concerns make sense?

Thanks

Upvotes: 3

Views: 1369

Answers (1)

James

Reputation: 1804

Your concerns would be valid if you had to give your secret key out for clients to pull data from the queue. However, the typical workflow involves using your AWS account ID for creating and modifying queues and perhaps pushing data onto the queues. Then you can set permissions with either the SQS addPermission action or set up a more finely controlled access policy. This means you would give read access to only a specific AWS account or to anonymous usage, but you would not allow for other modifications.

So basically you have a couple of options. You could compile in AWS public and private keys that you have set up in advance with restricted permissions on your client application. A better approach, in my opinion, is to make the public and private key files a configurable option on your client and tell the users of the client they are responsible for getting their own AWS account and keys, and they can tell you what their AWS key is and you can give them as fine-grained control as you want on a per-client basis.

These resources would be good for you to look at:

Upvotes: 5
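The restricted queue access described in the answer above, as an added example that is not part of the original answer: it builds a queue access policy granting one AWS account receive-only access, and audits any queue policy for grants wider than that. The account IDs, queue ARN, Sid names and the choice of which actions count as "read" are assumptions made for illustration.

```python
import json

# Actions this example treats as "read" (an assumption, adjust to your needs).
READ_ACTIONS = {"sqs:receivemessage", "sqs:getqueueattributes", "sqs:getqueueurl"}

def read_only_policy(queue_arn, consumer_account_id):
    """Queue policy letting one AWS account receive messages and nothing else."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "ConsumerReadOnly",
            "Effect": "Allow",
            "Principal": {"AWS": consumer_account_id},
            "Action": "sqs:ReceiveMessage",
            "Resource": queue_arn,
        }],
    }

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit(policy):
    """List Allow grants wider than account-scoped read access.
    Conditions and NotAction/NotPrincipal are not evaluated here."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        principal = stmt.get("Principal")
        aws = principal.get("AWS", []) if isinstance(principal, dict) else principal
        if "*" in _as_list(aws):
            findings.append(f"{sid}: anonymous principal")
        for action in _as_list(stmt.get("Action", [])):
            if action.lower() not in READ_ACTIONS:
                findings.append(f"{sid}: non-read action {action}")
    return findings

# Constructed sample values, not real accounts or queues.
QUEUE_ARN = "arn:aws:sqs:us-east-1:111111111111:example-queue"
CONSUMER = "222222222222"
BROAD = {"Version": "2012-10-17", "Statement": [{
    "Sid": "Open", "Effect": "Allow", "Principal": "*",
    "Action": ["sqs:ReceiveMessage", "sqs:DeleteMessage", "SQS:*"],
    "Resource": QUEUE_ARN}]}

if __name__ == "__main__":
    print(json.dumps(read_only_policy(QUEUE_ARN, CONSUMER), indent=2))
    print(audit(BROAD))
```

The generated JSON is what you would store as the queue's `Policy` attribute; running `audit` over existing queue policies shows where a key shipped in a client could do more than read.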
