By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Lambda function can't push messages to sqs

-1

I have a lambda function with an exacution role with this policies:

  • AWSLambdaBasicExecutionRole ("logs:CreateLogStream", "logs:PutLogEvents")
  • a custom policy ({ "Effect": "Allow", "Action": [ "sqs:SendMessage", "sqs:ListQueues" ], "Resource": [ "arn:aws:sqs:myqueue" ] })
  • AWSCodeCommitReadOnly the my sqs queue has aan access policy:

{ "Sid": "AllowLambdaAccess", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::myLambdaServiceRole" }, "Action": "SQS:SendMessage", "Resource": "arn:aws:sqs:mySqsQueue" }

the lambda function and the queue are in the same region. No vpc configured for the lambda function. proplem is lambda times out and can't push messages to sqs

code for lambda is pretty standard:

const { SQSClient, SendMessageCommand } = require('@aws-sdk/client-sqs');
const sqsClient = new SQSClient({ region: 'us-east-1' });
const queueUrl = 'https://sqs.us-east-1.amazonaws.com/XXXXXXXXXXX/MySqsQueue';

const messageParams = {
                QueueUrl: queueUrl,
                MessageBody: JSON.stringify({MY OBJECT DEFINED HERE})
            };
            try {
                const command = new SendMessageCommand(messageParams);
                await sqsClient.send(command);
                console.log('Message sent to SQS queue successfully.');
            } catch (error) {
                console.error('Error sending message to SQS:', error);
            }

any idea what I am doing wrong?

Topics
ServerlessComputeApplication IntegrationSecurity, Identity, & Compliance
Tags
AWS LambdaAmazon Simple Queue ServiceIAM Policies
Language
English
rePost-User-3116220
asked a year ago606 views
2 Answers
1
Accepted Answer

My apologies, the lambda function was actually in a VPC. I solved with a VPC endpoint.

rePost-User-3116220
answered a year ago
profile picture
EXPERT
Gary Mclean
reviewed a month ago
0

Apologies if I'm taking your post too literally, but your ARN in your custom policy "arn:aws:sqs:myqueue" needs to be in format "arn:aws:sqs:us-east-1:444455556666:myqueue".

How do your logs look? Are you getting your "success" or "error" messages in there? If you have wrong permissions you should be catching an exception and logging it according to your code, not getting a timeout. So maybe your timeout is too small - the default 3 seconds can be a bit small for some AWS SDKs to get up and running.

EXPERT
skinsman
answered a year ago
  • rePost-User-3116220
    a year ago

    thanks for helping me. arns are correct, in my example above I just simplified a bit. Logs in lambda just say "Task timed out after 5.04 seconds". I tried to increase the timeout to 1 min, same result. Anyway it shouldn't take long, as for test purposes I commented out everything and left only the sqs call bit. No logs on the sqs side. the sqs queue works as expected if I manually put a message from the console.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content