I created a Lambda function which takes data from one SQS queue, performs some modifications and should put the output data to another SQS queue. But trying to specify the Destination, I’m getting the empty list of SQS queues:
Could you please help me?
Permissions for Lambda function are provided:
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "sqs:SendMessage",
                    "sqs:DeleteMessage",
                    "sqs:ChangeMessageVisibility",
                    "sqs:ReceiveMessage",
                    "sqs:TagQueue",
                    "sqs:UntagQueue",
                    "sqs:PurgeQueue"
                ],
                "Resource": "arn:aws:sqs:eu-west-1:myaccountid:my-queue.fifo"
            }
        ]
    }
Tried two configurations of Access Policy for SQS queue. With VPC:
    {
        "Version": "2008-10-17",
        "Id": "__default_policy_ID",
        "Statement": [
            {
                "Sid": "__owner_statement",
                "Effect": "Allow",
                "Principal": {
                    "AWS": "*"
                },
                "Action": "SQS:*",
                "Resource": "arn:aws:sqs:eu-west-1:myaccountid:my-queue.fifo",
                "Condition": {
                    "StringEquals": {
                        "aws:SourceVpc": "my-vpc"
                    }
                }
            }
        ]
    }
and Principal Account:
    {
        "Version": "2008-10-17",
        "Id": "__default_policy_ID",
        "Statement": [
            {
                "Sid": "__owner_statement",
                "Effect": "Allow",
                "Principal": {
                    "AWS": "*"
                },
                "Action": "SQS:*",
                "Resource": "arn:aws:sqs:eu-west-1:myaccountid:my-queue.fifo",
                "Condition": {
                    "StringEquals": {
                        "aws:PrincipalAccount": [
                            "myaccountid"
                        ]
                    }
                }
            }
        ]
    }
(myaccountid, myqueue, my-vpc are the masks for valid values)
But the result is the same – the list of available SQS queues is empty.
2 Answers
Destinations are only for asynchronous invocations of lambda. SQS invokes lambda synchronously, thus Destinations do not apply. This is not the cause why it does not show up in your list, but you would never be able to use in the first place due to Destinations with SQS invoking lambda.
AWS Asynchronous invocation
The SQS queue must be standard, your queue is fifo.
You can send a message to a fifo queue using an SDK.
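What sending to the FIFO queue from inside the function with an SDK can look like, as an added example that is not part of the question or the answers above. The `OUTPUT_QUEUE_URL` environment variable, the `transform` step, the `"default"` group fallback and the sample event are assumptions made for illustration.

```python
import hashlib
import os

# Assumption: the output queue URL is supplied through this environment variable.
QUEUE_URL = os.environ.get("OUTPUT_QUEUE_URL", "")

# Constructed sample of the event Lambda passes for an SQS trigger.
SAMPLE_EVENT = {"Records": [
    {"messageId": "m-1", "body": "hello",
     "attributes": {"MessageGroupId": "orders"}},
    {"messageId": "m-2", "body": "world", "attributes": {}},
]}


def transform(body):
    """Hypothetical stand-in for the function's real modification step."""
    return body.upper()


def build_entries(event):
    """Turn the received SQS records into SendMessageBatch entries."""
    entries = []
    for i, record in enumerate(event["Records"]):
        out = transform(record["body"])
        attrs = record.get("attributes", {})
        entries.append({
            "Id": str(i),
            "MessageBody": out,
            # FIFO queues require a group id; reuse the source group to keep order.
            "MessageGroupId": attrs.get("MessageGroupId", "default"),
            # Deterministic id, so a retried invocation is deduplicated by SQS.
            "MessageDeduplicationId": hashlib.sha256(
                (record["messageId"] + out).encode()).hexdigest(),
        })
    return entries


def handler(event, context, sqs=None):
    if sqs is None:
        import boto3  # imported lazily so the module loads without the SDK
        sqs = boto3.client("sqs")
    entries = build_entries(event)
    for start in range(0, len(entries), 10):  # SendMessageBatch takes at most 10
        resp = sqs.send_message_batch(QueueUrl=QUEUE_URL,
                                      Entries=entries[start:start + 10])
        if resp.get("Failed"):
            # Raising fails the invocation, so the source messages are retried.
            raise RuntimeError(f"send failed: {resp['Failed']}")
    return {"forwarded": len(entries)}
```

The only permission this needs on the output queue is `sqs:SendMessage`, which the function policy in the question already grants on the queue ARN.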