When you want to integrate and send data from SNS to SQS, it wont work straighaway. Some tweaks has to be done
Create SNS just like you usually do (via web console of aws).
Once, you do, goto IAM page, search for following roles:
- SNSSuccessFeedback
- SNSFailureFeedback
Now, goto SNS topic and edit it. Go to Delivery logging and enter the Success and failure arns from above into the fields.
The SNS policy should look something like:
{
"Version": "2008-10-17",
"Id": "__default_policy_ID",
"Statement": [
{
"Sid": "__default_statement_ID",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": [
"SNS:GetTopicAttributes",
"SNS:SetTopicAttributes",
"SNS:AddPermission",
"SNS:RemovePermission",
"SNS:DeleteTopic",
"SNS:Subscribe",
"SNS:ListSubscriptionsByTopic",
"SNS:Publish",
"SNS:Receive"
],
"Resource": "arn:aws:sns:<region>:<account id>:<topic name>",
"Condition": {
"StringEquals": {
"AWS:SourceOwner": "<account id>"
}
}
}
]
}Create SQS queue as you usually do. Goto access policy editor, and modify it so it should look like following:
{
"Version": "2008-10-17",
"Id": "__default_policy_ID",
"Statement": [
{
"Sid": "__owner_statement",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::<topic name>:root"
},
"Action": "SQS:*",
"Resource": "arn:aws:sqs:<region>:<topic name>:<queue name>"
},
{
"Sid": "Sid1583234152842",
"Effect": "Allow",
"Principal": "*",
"Action": "SQS:SendMessage",
"Resource": "arn:aws:sqs:<region>:<topic name>:<queue name>",
"Condition": {
"ArnEquals": {
"aws:SourceArn": "arn:aws:sns:<region>:<topic name>:<topic name>"
}
}
}
]
}Done. Enjoy SNS to SQS message sending