[Solved] Cannot access SQS queue message through Lambda function

I have a Lambda function which is supposed to read messages from an SQS queue and process them. When I deployed everything to AWS and tried to call the Lambda function, I got "errorMessage":"Access to the resource https://sqs.us-east-1.amazonaws.com/ is denied."

However, the Lambda function can read the messages when it is run locally through the Serverless Offline plugin. I have given proper permission as below. My project is based on Node.js.
Here is the permission block:

    - Effect: Allow
      Action:
        - sqs:*
      Resource:
        - Fn::GetAtt:
          - NotificationQueue
          - Arn

Sounds like you also need IAM permissions set on the Lambda pulling from SQS.

Locally it works with your creds and the SDK invoke under the hood, but in AWS the Lambda needs permissions as well.

Check out https://github.com/sbstjn/sqs-worker-serverless/blob/master/serverless.yml#L18 for a good SQS example


Thanks for the response. I just figured out Serverless has not created IAM roles while deploying. Not sure why, and I am going to dig into the stack. I manually edited the policy created by Serverless for Lambda and it worked.

Figured out the issue. It was due to improper indentation of iamRoleStatements.

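The indentation fix from the last post, shown as an added example that is not from the thread or from any participant's project. The thread does not show the full serverless.yml, so the mis-indented form is an assumed one, and the service, function and handler names are hypothetical. The corrected document also narrows `sqs:*` to the actions a queue consumer typically needs, which is an added least-privilege suggestion.

```yaml
# Constructed serverless.yml documents for comparison (two YAML documents
# separated by '---'; a real project has only one).

# Mis-indented (assumed form of the mistake): iamRoleStatements sits at the
# top level, outside `provider`, so it is not read as part of the policy
# attached to the function's execution role.
service: notification-worker        # hypothetical name
provider:
  name: aws
  region: us-east-1
iamRoleStatements:                  # wrong level: sibling of provider
  - Effect: Allow
    Action:
      - sqs:*
    Resource:
      - Fn::GetAtt:
          - NotificationQueue
          - Arn
---
# Corrected: iamRoleStatements is nested under `provider`, so the statement
# lands in the execution role that the deployed function assumes.
service: notification-worker        # hypothetical name
provider:
  name: aws
  region: us-east-1
  iamRoleStatements:
    - Effect: Allow
      Action:                       # narrowed from sqs:* (added suggestion)
        - sqs:ReceiveMessage
        - sqs:DeleteMessage
        - sqs:GetQueueAttributes
      Resource:
        - Fn::GetAtt:
            - NotificationQueue
            - Arn
functions:
  processNotification:              # hypothetical function
    handler: handler.process        # hypothetical handler
resources:
  Resources:
    NotificationQueue:
      Type: AWS::SQS::Queue
```

After deploying, the role's inline policy in the generated CloudFormation stack should contain the SQS statement; if it is missing, the statement was not picked up from the config.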