I created a Lambda function which takes data from one SQS queue, perform some modifications and should put the output data to another SQS queue. But trying to specify the Destination, I'm getting the empty list of SQS queues:
Could you please help me?
Permissions for Lambda function are provided:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"sqs:SendMessage",
"sqs:DeleteMessage",
"sqs:ChangeMessageVisibility",
"sqs:ReceiveMessage",
"sqs:TagQueue",
"sqs:UntagQueue",
"sqs:PurgeQueue"
],
"Resource": "arn:aws:sqs:eu-west-1:myaccountid:my-queue.fifo"
}
]
}
Tried two configurations of Access Policy for SQS queue. With VPC:
{
"Version": "2008-10-17",
"Id": "__default_policy_ID",
"Statement": [
{
"Sid": "__owner_statement",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "SQS:*",
"Resource": "arn:aws:sqs:eu-west-1:myacy-queuecountid:m.fifo",
"Condition": {
"StringEquals": {
"aws:SourceVpc": "my-vpc"
}
}
}
]
}
and Principal Account:
{
"Version": "2008-10-17",
"Id": "__default_policy_ID",
"Statement": [
{
"Sid": "__owner_statement",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "SQS:*",
"Resource": "arn:aws:sqs:eu-west-1:myaccountid:my-queue.fifo",
"Condition": {
"StringEquals": {
"aws:PrincipalAccount": [
"myaccountid"
]
}
}
}
]
}
(myaccountid, myqueue, my-vpc are the masks for valid values)
But result is the same - list of available SQS queues is empty
CodePudding user response:
Destinations are only for asynchronous invocations of lambda. SQS invokes lambda synchronously, thus Destinations do not apply. This is not the cause why it does not show up in your list, but you would never be able to use in the first place due to Destinations with SQS invoking lambda.