Can not access SQS via VPC SQS endpoint

0

Hi,
I am struggling with connecting to SQS via an endpoint in a VPC.

I can read messages from SQS from my EC2 instance that is connected to the internet. Now I would like to access SQS without a round trip to the internet, using an SQS VPC endpoint.

When I create a VPC endpoint for the SQS service and assign it to the same VPC and subnet my EC2 instance is in, I can no longer read SQS messages from that instance. I have also enabled the Private DNS name when creating the endpoint.

The request to read a message gets a timeout error:
Connect timeout on endpoint URL: "https://eu-central-1.queue.amazonaws.com/"

Any hints what might be wrong?

Edited by: rslak on Mar 7, 2019 5:02 AM

rslak
asked 5 years ago, 4088 views
3 answers
1

I have identified the problem.
It was the security group. I had to set up a separate group where all traffic destination/source has the range of the internal subnet and not just everything.

rslak
answered 5 years ago
  • Nailed it for me! Great!

  • Could you explain in a little more detail what you mean by this? Thanks.

0

Hi rslak,

Looks like you are using the legacy endpoint format and it is not supported in SQS VPC endpoint. Give https://sqs.eu-central-1.amazonaws.com a try. (detailed endpoint information per region can be found here: https://docs.aws.amazon.com/general/latest/gr/rande.html#sqs_region)

It is also possible that you have restricted traffic and access in the security group assigned to your VPC endpoint. I would recommend you follow our tutorial: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-sending-messages-from-vpc.html, set up a functional example, and then compare and contrast the differences.

Hope this helps,
Jackie

AWS
answered 5 years ago
0

Thanks for the suggestions.
I have tried with the provided endpoint but without luck. I still get the same error, although I have changed the endpoint name:

$ aws sqs receive-message --queue-url "https://sqs.eu-central-1.amazonaws.com/<my_queue_name>" --max-number-of-messages 1
Connect timeout on endpoint URL: "https://eu-central-1.queue.amazonaws.com/"

I am using the default VPC security group with everything open.

I will try the CloudFormation example.

rslak
answered 5 years ago
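The thread names three separate things that can break the private path to SQS: the legacy <region>.queue.amazonaws.com host that the VPC endpoint does not serve (Jackie's answer), private DNS not actually resolving the SQS name to an address inside the VPC, and the endpoint's security group not allowing HTTPS from the instance (rslak's accepted answer, where a group scoped to the internal subnet range fixed it). The following script is an added example written for this page; it is not code from the thread or from AWS. It evaluates those three conditions offline against constructed data laid out in the same shape that ec2.describe_security_groups() returns for IpPermissions, so the rule lists can be swapped for real output. All ids, addresses and the 10.0.0.0/16 VPC range are hypothetical.

```python
import ipaddress
from urllib.parse import urlparse

# Hostname suffix of the legacy SQS endpoint format (<region>.queue.amazonaws.com),
# the host the CLI in the thread timed out against.
LEGACY_SQS_SUFFIX = ".queue.amazonaws.com"


def uses_legacy_sqs_host(url: str) -> bool:
    """True when the URL's host is the legacy <region>.queue.amazonaws.com form."""
    host = (urlparse(url).hostname or "").lower()
    return host.endswith(LEGACY_SQS_SUFFIX)


def _port_matches(perm: dict, port: int) -> bool:
    """Does one IpPermissions entry cover TCP traffic to `port`?"""
    proto = str(perm.get("IpProtocol", ""))
    if proto == "-1":  # "All traffic" rule
        return True
    if proto not in ("tcp", "6"):
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def ingress_allows(ip_permissions, source_ip, port=443, source_sg_ids=()):
    """Evaluate ingress rules in the shape of
    ec2.describe_security_groups()['SecurityGroups'][i]['IpPermissions'].
    Returns True if traffic from source_ip (or from a member of one of
    source_sg_ids) to TCP `port` is permitted. Security groups are allow-lists,
    so one matching rule is enough."""
    addr = ipaddress.ip_address(source_ip)
    for perm in ip_permissions:
        if not _port_matches(perm, port):
            continue
        for rng in perm.get("IpRanges", []):
            if addr in ipaddress.ip_network(rng["CidrIp"], strict=False):
                return True
        for pair in perm.get("UserIdGroupPairs", []):
            if pair.get("GroupId") in source_sg_ids:
                return True
    return False


def diagnose(queue_url, endpoint_sg_permissions, instance_ip, instance_sg_ids,
             resolved_ip, vpc_cidr):
    """Return a list of findings explaining why the private path may not work.
    resolved_ip is what the SQS hostname resolves to from the instance; in
    practice that would come from socket.gethostbyname, here it is supplied."""
    findings = []
    if uses_legacy_sqs_host(queue_url):
        findings.append("legacy-host")
    if ipaddress.ip_address(resolved_ip) not in ipaddress.ip_network(vpc_cidr, strict=False):
        findings.append("dns-not-private")
    if not ingress_allows(endpoint_sg_permissions, instance_ip, 443, instance_sg_ids):
        findings.append("sg-blocks-443")
    return findings


# --- constructed sample data (hypothetical ids and addresses) ---
VPC_CIDR = "10.0.0.0/16"
INSTANCE_IP = "10.0.1.25"
INSTANCE_SG_IDS = ("sg-instance0001",)
ENDPOINT_PRIVATE_IP = "10.0.1.200"  # what private DNS should resolve to
PUBLIC_SQS_IP = "52.0.0.10"         # what a public resolution looks like

# Shape of a default VPC security group: all traffic, but only from members of itself.
DEFAULT_SG_RULES = [
    {"IpProtocol": "-1", "IpRanges": [],
     "UserIdGroupPairs": [{"GroupId": "sg-default0001"}]},
]

# The fix from the accepted answer: HTTPS scoped to the internal subnet range.
SUBNET_SCOPED_SG_RULES = [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": VPC_CIDR}], "UserIdGroupPairs": []},
]

LEGACY_URL = "https://eu-central-1.queue.amazonaws.com/123456789012/my-queue"
CURRENT_URL = "https://sqs.eu-central-1.amazonaws.com/123456789012/my-queue"


def run_demo():
    """Three scenarios: the thread's starting state, the fixed state, and
    a correct security group with private DNS not taking effect."""
    args = (INSTANCE_IP, INSTANCE_SG_IDS)
    before = diagnose(LEGACY_URL, DEFAULT_SG_RULES, *args, ENDPOINT_PRIVATE_IP, VPC_CIDR)
    after = diagnose(CURRENT_URL, SUBNET_SCOPED_SG_RULES, *args, ENDPOINT_PRIVATE_IP, VPC_CIDR)
    no_private_dns = diagnose(CURRENT_URL, SUBNET_SCOPED_SG_RULES, *args, PUBLIC_SQS_IP, VPC_CIDR)
    return {"before": before, "after": after, "no_private_dns": no_private_dns}


if __name__ == "__main__":
    for name, findings in run_demo().items():
        print(f"{name}: {findings or ['ok']}")
```

Two points worth noting when applying this to a real setup. The security group that matters is the one attached to the endpoint's network interface, and it must allow inbound TCP 443 from the instance (by subnet CIDR, as in the accepted answer, or by referencing the instance's security group); a self-referencing "all traffic" rule on the default group only admits members of that same group. Also, the CLI chooses the service host from the configured region rather than from the queue URL, which is why the error in the thread still names the legacy host after the queue URL was changed; the global `--endpoint-url` option of the AWS CLI is what overrides that host.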
