Cloudformation SNS SQA

Question

My Cloudformation SNS SQA stack deployed and I can see the components in the AWS console. However when I publish a message in SNS, I dont get it when I poll for it in SQS.

AWSTemplateFormatVersion: "2010-09-09"
Description: SNS-SQS

Parameters:
  ProjectName:
    Type: String
    Description: "Name of the project"
    Default: "RdsNosqlSync"
  TopicRegion:
    Type: String
    Default: us-east-2

Resources:
  SnsSyncTopic:
    Type: AWS::SNS::Topic
    Properties:
      TopicName: !Sub "${ProjectName}"
      Tags:
        - Key: Name
          Value: !Sub "${ProjectName}"

SyncTopicSubscription:
    Type: AWS::SNS::Subscription
    UpdateReplacePolicy: Delete
    DeletionPolicy: Delete
    Properties:
      Endpoint: !GetAtt SqsSyncQueue.Arn
      Protocol: sqs
      TopicArn: !Ref SnsSyncTopic
      Region: !Ref TopicRegion

SqsSyncQueue:
    Type: AWS::SQS::Queue
    UpdateReplacePolicy: Delete
    DeletionPolicy: Delete
    Properties:
      QueueName: !Sub "${ProjectName}"
      Tags:
        - Key: Name
          Value: !Sub "${ProjectName}"

QueuePolicy:
    Type: AWS::SQS::QueuePolicy
    Properties:
      PolicyDocument:
        Version: "2012-10-17"
        Id: QueuePolicyId
        Statement:
        - Sid: Allow-SNS-SendMessage
          Effect: Allow
          Principal: 
            Service: sns.amazonaws.com
          Action: sqs:SendMessage
          Resource: !Ref SqsSyncQueue
          Condition:
            ArnEquals: 
              aws:SourceArn: !Ref SnsSyncTopic
      Queues:
        - !Ref SqsSyncQueue

Accepted Answer

It's a bit hard to tell as your question didn't use "Code" formatting, but the QueuePolicy may have issues.  If you check https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sqs-queue.html you'll see that doing !Ref on a queue returns the queue URL not ARN.

Cloudformation SNS SQA

Relevanter Inhalt