Intellipaat Back

Explore Courses Blog Tutorials Interview Questions
0 votes
2 views
in AWS by (19.1k points)

I'm using the AWS SQS service, and I'm having a hard time defining permissions on my SQS queue. In my setup, I'm using the AWS Lambda service, which is triggered when an object is pushed onto an S3 bucket.

However, to keep my question briefly, this is what I want to achieve:

  • The object is pushed to an S3 bucket
  • S3 bucket triggers AWS Lambda
  • Lambda does some calculations, and push an event to my SQS queue (Permission needs to be defined)
  • The application reads from SQS

As you can read from the previous use-case, I want my AWS Lambda method to be the only application, which can send a message to the SQS queue. I've tried to set a principal and a condition "sourceArn". But none of them works.

image

Can anyone help?

1 Answer

0 votes
by (44.4k points)

Lambda runs arbitrary code, it is not an AWS feature like SNS where SourceArn works pretty well.

You can attach this policy to the IAM Role which is attached to your Lambda function as a workaround.

{

    "Version": "2012-10-17",

    "Statement": [

        {

            "Sid": "Stmt1440529349000",

            "Effect": "Allow",

            "Action": [

                "sqs:SendMessage"

            ],

            "Resource": [

                "arn:aws:sqs:us-west-2:123456789012:test-queue"

            ]

        }

    ]

}

Related questions

0 votes
1 answer
Want to get 50% Hike on your Salary?

Learn how we helped 50,000+ professionals like you !

0 votes
1 answer

31k questions

32.8k answers

501 comments

693 users

Browse Categories

...