Test sending SQS message from role in Cloud9 having send / received message permission to queue but

Time:06-05

I was using Cloud9 to assume a role to test the dynamic permission to send a message to a queue.

In Cloud9, I assumed this role with the following permissions:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "sqs:DeleteMessage",
                "sqs:ReceiveMessage",
                "sqs:SendMessage",
                "sqs:GetQueueAttributes"
            ],
            "Resource": [
                "arn:aws:sqs:us-west-2:{accountID}:general-queue-abc",
                "arn:aws:sqs:eu-west-2:{accountID}:individual-queue-${insert-attribute-by-customer-name}"
            ]
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": "sqs:ListQueues",
            "Resource": "*"
        }
    ]
}

After assuming the role and verifying that the right role was assumed, I used the CLI to send a message to the queue. It succeeded with the output:

{
    "MD5OfMessageBody": "dummyNumbers",
    "MessageId": "dummyNumbers"
}

Expected: SQS to show as 1 message received since the message sent request succeeded.

What I saw instead: Number Of Messages Sent increased, but there was no Number Of Messages Received.

But the queue shows a message available.

My command

aws sqs send-message --queue-url https://sqs.{REGION}.amazonaws.com/{AccountID}/individual-queue-{insert-attribute-by-customer-name} --message-body "I am sending a new message...."

Question:

  • I thought my action was to send a message to the SQS queue from Cloud9 after assuming the right permission access, and the queue was supposed to have 'Number of Messages Received', since the queue URL I specified to send the message to is the same queue. I am confused about why there is no 'Number of Messages Received' when a message is shown as available.
  • There are no CloudWatch logs that are able to help me understand anything.
  • Does this mean that the permission actually allows the message to be sent but there is some issue in the queue receiving the message? (For example, access denied?)

Thanks in advance

CodePudding user response:

Sounds like you have sent 2 messages but haven't received (i.e. read from the queue) any. Try running the following to receive a message:

aws sqs receive-message --queue-url https://sqs.{REGION}.amazonaws.com/{AccountID}/individual-queue-{insert-attribute-by-customer-name}
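
An added example, not part of the original question or answer: a send / receive / delete round trip that exercises the four queue actions the role policy above allows and reports which step failed, so a denied ReceiveMessage can be told apart from a message that simply has not been read yet. The function names `queue_depth` and `roundtrip` and the `QUEUE_URL` variable are this example's own.

```shell
#!/bin/sh
# Added example: round trip using SendMessage, GetQueueAttributes,
# ReceiveMessage and DeleteMessage under the currently assumed role.

# Print "<visible> <in flight>" message counts for the queue in $1.
queue_depth() {
    aws sqs get-queue-attributes --queue-url "$1" \
        --attribute-names ApproximateNumberOfMessages ApproximateNumberOfMessagesNotVisible \
        --query 'Attributes.[ApproximateNumberOfMessages,ApproximateNumberOfMessagesNotVisible]' \
        --output text
}

# Return codes: 0 ok, 1 send failed, 2 receive failed (e.g. access denied),
# 3 receive succeeded but returned no message, 4 delete failed.
roundtrip() {
    rt_url=$1

    # Sending only stores the message; it becomes "available" (visible).
    aws sqs send-message --queue-url "$rt_url" \
        --message-body "roundtrip test" >/dev/null || return 1
    echo "after send:    $(queue_depth "$rt_url")"

    # Only a ReceiveMessage call that returns the message counts as "received".
    # The message then moves from visible to in flight until deleted or timed out.
    rt_handle=$(aws sqs receive-message --queue-url "$rt_url" \
        --max-number-of-messages 1 --wait-time-seconds 5 \
        --query 'Messages[0].ReceiptHandle' --output text) || return 2
    if [ -z "$rt_handle" ] || [ "$rt_handle" = "None" ]; then
        return 3
    fi
    echo "after receive: $(queue_depth "$rt_url")"

    # Deleting with the receipt handle removes the message from the queue.
    aws sqs delete-message --queue-url "$rt_url" \
        --receipt-handle "$rt_handle" || return 4
    echo "after delete:  $(queue_depth "$rt_url")"
}

# Run only when a queue URL is supplied, e.g. QUEUE_URL=https://sqs... sh roundtrip.sh
if [ -n "${QUEUE_URL:-}" ]; then
    roundtrip "$QUEUE_URL"
fi
```

The counts returned by GetQueueAttributes are approximate, so they can lag the calls by a short time.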