Lambda service throws error execution role does not have permissions to call receiveMessage on SQS

  • Hi, as far as I can understand, your Lambda needs the following permission on it: AWS docs
  • Hope it's not in a VPC.

aws_lambda_permission

  • Or maybe give it god mode on sqs:* just for testing it.

  • If that works, maybe later on you can then go for specific methods only. Attached is a policy for a Lambda role; you might have to change account_number to your account number if you need to invoke another Lambda from this Lambda.

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "",
                "Effect": "Allow",
                "Action": "lambda:InvokeFunction",
                "Resource": "arn:aws:lambda:eu-west-2:account_number:function:*"
            },
            {
                "Sid": "",
                "Effect": "Allow",
                "Action": [
                    "logs:PutLogEvents",
                    "logs:CreateLogStream",
                    "logs:CreateLogGroup"
                ],
                "Resource": "*"
            },
            {
                "Sid": "",
                "Effect": "Allow",
                "Action": [
                    "sqs:*"
                ],
                "Resource": "*"
            }
        ]
    }


Although a solution for this may have been achieved by now, this thread was suggested to me at the top, so I will post the answer for other users:

I faced the same issue even after giving SQS full access to the user. The problem is with the Lambda execution role. When a Lambda is created, it needs to be assigned a Lambda execution role. Most users assign the auto-generated execution role while creating the Lambda. That execution role does not have permissions for SQS.

So open lambda >> Click Permissions tab >> edit execution role at the top >> assign SQS permissions >> boom.
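An added example, not part of either answer above and not AWS tooling: an offline check that reads an execution role's policy document and reports which of the three SQS actions a Lambda SQS trigger uses are missing for a given queue, and which SQS grants are wildcards like the `sqs:*` test policy. The queue ARN, account number and sample policies are constructed, and Deny, NotAction and Condition evaluation is not modelled.

```python
from fnmatch import fnmatchcase

# Actions Lambda's SQS poller calls using the function's execution role.
REQUIRED = ("sqs:ReceiveMessage", "sqs:DeleteMessage", "sqs:GetQueueAttributes")
QUEUE_ARN = "arn:aws:sqs:eu-west-2:123456789012:orders"  # constructed sample ARN

def _listify(value):
    if value is None:
        return []
    return [value] if isinstance(value, (str, dict)) else list(value)

def audit_sqs_policy(policy, queue_arn):
    """Return (missing, overbroad) for one identity policy on the execution role.

    Simplification: only Allow statements with Action/Resource are evaluated;
    Deny, NotAction, NotResource and Condition are not modelled.
    """
    granted, overbroad = set(), []
    for stmt in _listify(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _listify(stmt.get("Action"))
        resources = _listify(stmt.get("Resource"))
        if not any(fnmatchcase(queue_arn, r) for r in resources):
            continue  # statement does not apply to this queue
        for act in actions:
            hits = [r for r in REQUIRED if fnmatchcase(r.lower(), act.lower())]
            granted.update(hits)
            # Flag SQS grants that use a wildcard action or a wildcard resource.
            if hits and ("*" in act or any("*" in r for r in resources)):
                overbroad.append((act, resources))
    missing = [r for r in REQUIRED if r not in granted]
    return missing, overbroad

def _policy(*statements):
    return {"Version": "2012-10-17", "Statement": list(statements)}

LOGS = {"Effect": "Allow", "Resource": "*",
        "Action": ["logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents"]}
# Constructed samples: logs-only role, the answer's test policy, a scoped one.
LOGS_ONLY = _policy(LOGS)
TEST_POLICY = _policy(LOGS, {"Effect": "Allow", "Action": ["sqs:*"], "Resource": "*"})
SCOPED = _policy(LOGS, {"Effect": "Allow", "Action": list(REQUIRED), "Resource": QUEUE_ARN})

if __name__ == "__main__":
    for name, pol in [("logs-only", LOGS_ONLY), ("sqs:*", TEST_POLICY), ("scoped", SCOPED)]:
        missing, overbroad = audit_sqs_policy(pol, QUEUE_ARN)
        print(f"{name}: missing={missing} overbroad={overbroad}")
```

An empty `missing` list with an empty `overbroad` list is the state to aim for once the `sqs:*` test has confirmed the cause.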
