All Questions

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

What IAM Permissions do I need to consume an SQS que from Lambda?

Hello, I'm trying to have an event driven solution where the SQS que sends messages to lambda as soon as it receives the message. I have a third party application that sends messages to SQS and assumes a role in which gives it permission to perform actions needed on the SQS. I am kind of confused what I need to consume an SQS que from lambda. In the documentation it indicates that to poll events from Lambda different permissions are needed, and then it gives directions for "event driven" triggers to lambda from the SQS Que. I am writing all of this in CDK so maybe that's where I may be missing something at. So far in my CDK I have the SQS message able to be consumed by lambda I believe, by using `sqsQue.grantConsumeMessages(Mylambda)` which indicates [here ]( that this will allow SQS messages to be consumed by grantee which is my lambda. I am not certain if this adds a resource based policy to lambda to SQS, I'm assuming that it adds it to SQS and I do not need to add it to the lambda. However, for the lambda in my CDK I just have the default execution policy and I do not believe I added a resource based policy. I'm not even sure if it is needed for my use case So do I need resource based policy for this? Or do I need anything particular in my execution role? Also is there a difference between event driven SQS triggering lambda vs lambda polling from SQS, aren't these two separate implementations?
asked 14 hours ago