![]() ![]() If I don't create an SQS trigger, but try to access the SQS queue inside the lambda function code, it works correctly (through the VPC endpoint), so my understanding is that the issue is linked somehow to the trigger part (and it prove I believe that the security groups rules are allowing connection between the lambda security group and the vpc endpoint security group).You will need to set up the queue as a lambda trigger, and you will need to write a lambda that can parse the SQS message and make the appropriate call to the Step Functions StartExecution API. Configure MaximumBatchingWindowInSeconds in your Lambda event source (trigger). If you must use SQS, then you will need to have a lambda function to act as a proxy. If I remove the VPC endpoint deny rule, then I can create the trigger, so my understanding is that the issue is linked somehow to the vpc endpoint. There are 3 ways you can consider for delaying message delivery from SQS to Lambda: Configure DelaySeconds for the queue, so that new messages will be invisible to consumers (such as your Lambda) for a specific amount of time, up to 15 minutes.The issue is that when I try to create the trigger, the following error is raised: An error occurred when creating the trigger: The provided execution role does not have permissions to call ReceiveMessage on SQS (Service: AWSLambda Status Code: 400 Error Code: InvalidParameterValueException Request ID: Proxy: null)Īm I missing something? Does anyone know if it is possible to use both the VPC endpoint denial policy and a lambda trigger? On the other end, a VPC endpoint is configured (on the same VPC) to access the SQS queue (following the security best practices from AWS documentation), and a policy has been made to deny access if it is not from the vpc endpoint (similar to this policy) ![]() The lambda function role has the relevant permissions on the SQS queue ( ReceiveMessage, DeleteMessage, GetQueueAttributes). ![]() This will only trigger one concurrent lambda function, no matter how many records are in the queue. That function on trigger than pulls n records from the queue, processes them, and then ends. Setup a event bridge cron trigger for the function. If the invocation fails or times out, every message in the batch will be returned to the queue, and each will be available for processing once the Visibility Timeout period expires. Rather than having the lambda triggered by the SQS queue. I am trying to configure an SQS queue trigger for a lambda function, mainly following this guide. If you configure an Amazon SQS queue as an event source, AWS Lambda will poll a batch of records in the queue and invoke your Lambda function. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |