
I have an AWS Lambda deployed that is triggered when messages are enqueued into a RabbitMQ queue using Amazon MQ trigger. While this works in general, sometimes the MQ trigger gets disabled and needs a manual re-enabling to work properly. These are some relevant policies attached to the lambda role.

```yaml
Policies:
  - Version: '2012-10-17'
    Statement:
      - Effect: Allow
        Resource: '*'
        Action:
          - mq:DescribeBroker
          - secretsmanager:GetSecretValue
          - ec2:CreateNetworkInterface
          - ec2:DescribeNetworkInterfaces
          - ec2:DescribeVpcs
          - ec2:DeleteNetworkInterface
          - ec2:DescribeSubnets
          - ec2:DescribeSecurityGroups
          ...
```

How can this issue be fixed? Any help is much appreciated. Thanks.

Prashanth
  • Did you find why this is happening? The last processing result shows `PROBLEM: Failed to connect with event source.` – Stefanos Chrs Sep 09 '22 at 07:17
  • Sorry, I am not sure if this got solved. The last fix I applied was to include the following policies to the lambda. I saw an OK under lambda console > triggers. But I have no reason to believe if this could have fixed the problem. `logs:CreateLogGroup`, `logs:CreateLogStream`, `logs:PutLogEvents` – Prashanth Sep 09 '22 at 08:34
  • I see why I added the policies and expected a fix. It's because of this doc: https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/getting-started-rabbitmq.html#rabbitmq-connect-to-lambda – Prashanth Sep 09 '22 at 08:36
  • Thanks, I'll have a look. I believe I already have those in place. – Stefanos Chrs Sep 10 '22 at 09:06
  • The problem I had was not with IAM after all, the queue needs to be durable and persistent. If you have the 'Auto Delete' on, then when MQ polls the queue it will not find it. – Stefanos Chrs Sep 26 '22 at 11:55
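
The three checks raised in the comments above (the mapping's last processing result, the queue's `durable` / `auto_delete` flags, and the role's actions), combined as an added example that is not part of the original thread. The function names `triage` and `allowed_actions`, the queue name `jobs` and all sample data are constructed for illustration; field names follow the Lambda `GetEventSourceMapping` response and the RabbitMQ management API queue object, and actions are matched by exact name with no wildcard expansion.

```python
# Added example; all sample data is constructed.
# Actions from the question's policy plus the logs actions named in the comment.
LOGS = {"logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents"}
REQUIRED_ACTIONS = LOGS | {
    "mq:DescribeBroker", "secretsmanager:GetSecretValue",
    "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface",
    "ec2:DescribeNetworkInterfaces", "ec2:DescribeSecurityGroups",
    "ec2:DescribeSubnets", "ec2:DescribeVpcs",
}

def allowed_actions(policy):
    """Collect actions from Allow statements (Action may be a string or a list)."""
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):
        statements = [statements]
    actions = set()
    for stmt in statements:
        if stmt.get("Effect") == "Allow":
            act = stmt.get("Action", [])
            actions.update([act] if isinstance(act, str) else act)
    return actions

def triage(mapping, queue, policy):
    """Return findings that explain why the MQ trigger may have been disabled."""
    findings = []
    if mapping.get("State") != "Enabled":
        result = mapping.get("LastProcessingResult", "no result recorded")
        findings.append(f"mapping state is {mapping.get('State')}: {result}")
    if queue is None:
        findings.append("queue not found on broker")
    else:
        if not queue.get("durable", False):
            findings.append("queue is not durable")
        if queue.get("auto_delete", False):
            findings.append("queue has auto_delete set")
    missing = REQUIRED_ACTIONS - allowed_actions(policy)
    if missing:
        findings.append("role policy lacks: " + ", ".join(sorted(missing)))
    return findings

# Constructed inputs mirroring the thread: disabled mapping, auto-delete queue,
# and a role policy that has everything except the logs actions.
SAMPLE_MAPPING = {"State": "Disabled",
                  "LastProcessingResult": "PROBLEM: Failed to connect with event source."}
SAMPLE_QUEUE = {"name": "jobs", "durable": True, "auto_delete": True}
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*", "Action": sorted(REQUIRED_ACTIONS - LOGS)}]}

if __name__ == "__main__":
    print("\n".join(triage(SAMPLE_MAPPING, SAMPLE_QUEUE, SAMPLE_POLICY)))
```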

0 Answers