I'm using the AWS SQS service, and I'm having a hard time defining permissions on my SQS queue. In my setup, I'm using the AWS Lambda service, which is triggered when an object is pushed onto an S3 bucket.
However, to keep my question briefly, this is what I want to achieve:
- The object is pushed to an S3 bucket
- S3 bucket triggers AWS Lambda
- Lambda does some calculations, and push an event to my SQS queue (Permission needs to be defined)
- The application reads from SQS
As you can read from the previous use-case, I want my AWS Lambda method to be the only application, which can send a message to the SQS queue. I've tried to set a principal and a condition "sourceArn". But none of them works.
Can anyone help?