Lambda service throws error execution role does not have permissions to call receiveMessage on SQS
- Hi as far as i can understand your lambda needs the following permission on it aws docs
- Hope its not in a VPC.
Or may be give it a god mode on
sqs:*
just for testing it.If that works maybe later on you can then go for specific methods only. Attached a policy for a lambda role you might have to change account_number to your account no if you need to invoke another lambda form this lambda
{ "Version": "2012-10-17", "Statement": [ { "Sid": "", "Effect": "Allow", "Action": "lambda:InvokeFunction", "Resource": "arn:aws:lambda:eu-west-2:account_number:function:*" }, { "Sid": "", "Effect": "Allow", "Action": [ "logs:PutLogEvents", "logs:CreateLogStream", "logs:CreateLogGroup" ], "Resource": "*" }, { "Sid": "", "Effect": "Allow", "Action": [ "sqs:*" ], "Resource": "*" } ]
}
Although solution for this may have been achieved by now.. but since this thread was suggested to me at the top.. i will post the answer for other users:
I faced same issue even after giving SQS full access to user. The problem is with the lambda execution role. When lambda is created, it needs to be assigned a lambda execution role. Most users assign the auto-generated execution role while creating lambda. That execution role does not have permissions for SQS.
So open lambda >> Click Permissions tab >> edit execution role at the top >> assign SQS permissions >> boom.