Questions tagged with Amazon Simple Queue Service

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

Amazon ECS/SQS/lambda/

Good morning everyone, I am just starting in the AWS world and I have a challenge that I need to solve with the most appropriate tools that AWS offers me. The use case is the following: I have to process some pdf documents add some images to them and send it back. Currently I am doing it with a microservice that receives a pdf and returns it modified. When I do load tests the queue receives 50 requests and in the bash task I get blocked with 9 pdf at the same time and the ECS crashes. One solution is to increase the capacity of the ECS so that the microservice can process more documents. But I have read that SQS can help me solve this so I want to be sure I am applying the right architecture: - I have a .net core microservice in docker that produces requests and sends them to the queue. - I have an SQS that receives requests and arranges them in order of arrival. - I have a lambda that listens to the SQS and when a new request arrives it fires the event to the consuming microservice (the lambda "fires" up to 10 times simultaneously and in each "firing" it lets only 1 document through, or they recommend that in each "firing" it lets 10 documents through). - The consuming microservice receives a message from the lambda and starts processing all the SQS requests until all of them are finished. - When finished and the SQS is emptied the lambda again is waiting for the SQS to have a new message and the cycle starts again. Overview: I have a microservice is publisher. The microservice is consumer The lambda is the trigger The SQS is the queue
1
answers
0
votes
64
views
asked 3 months ago

Cross account SQS - Lambda setup throws error execution role does not have permissions to call receiveMessage on SQS

I am trying to setup cross account communication from SQS queue to Lambda function. Both these resources are on `eu-central-1` region but in 2 different AWS accounts. My setup is below `ACCOUNT_A` has the Lambda function `ACCOUNT_B` has the SQS queue I have created IAM role on Account A and it is attached to Lambda function (ACCOUNT_A_LAMBDA_EXECUTION_ROLE). IAM role has attached `AWSLambdaSQSQueueExecutionRole` managed permission SQS Queue on `ACCOUNT_B` has following access policy ``` { "Version": "2008-10-17", "Id": "__default_policy_ID", "Statement": [ { "Sid": "__owner_statement", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::ACCOUNT_B:root" }, "Action": "SQS:*", "Resource": "arn:aws:sqs:eu-central-1:ACCOUNT_B:" }, { "Sid": "__receiver_statement", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::ACCOUNT_A:role/LAMBDA_EXECUTION_ROLE" }, "Action": [ "SQS:ChangeMessageVisibility", "SQS:DeleteMessage", "SQS:ReceiveMessage", "SQS:GetQueueAttributes" ], "Resource": "arn:aws:sqs:eu-central-1:ACCOUNT_B:" } ] } ``` I am using AWS CLI to add Lambda trigger, so that ACCOUNT_B_SQS_QUEUE can be added as a trigger to ACCOUNT_A_LAMBDA_FUNCTION. Following is the AWS CLI command ``` aws lambda create-event-source-mapping --function-name ACCOUNT_A_LAMBDA_FUNCTION --event-source-arn ACCOUNT_B_SQS_QUEUE-arn --profile ACCOUNT_A-aws-profile --region eu-central-1 ``` But this command failed with an error ``` An error occurred (InvalidParameterValueException) when calling the CreateEventSourceMapping operation: The provided execution role does not have permissions to call ReceiveMessage on SQS ``` I try to manually add the Lambda trigger as well. It also fails. Appriciate if you can help me with this
1
answers
1
votes
310
views
asked 3 months ago