
I have two AWS accounts, we'll call them A and B.

Account A hosts a RabbitMQ broker in Amazon MQ.

Account B has a Lambda function that performs some actions and ultimately needs to send some messages to the queues in account A.

Currently, some consoles outside of AWS are sending messages to the queues; for security reasons, Account A uses a subnet with specific ACL rules allowing only traffic from these consoles to reach the queues.

I'm unsure how to allow this Lambda to send messages to the queues in account A, while the Lambda must continue to live in account B. The Lambda connects via MassTransit and the AMQP endpoint, the same way the non-AWS consoles connect.

If I create a rule allowing all traffic, I am able to send messages successfully, so I'm fairly certain the problem lies somewhere in these ACL rules. I've tried putting my Lambda into a VPC and whitelisting its CIDR blocks in the ACL inbound rules, without success. I also tried a peering connection between the two accounts, also without success.

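The question describes subnet ACL rules that admit the consoles' addresses on the inbound side but still drop the Lambda's traffic even after its VPC CIDR was added. Because a VPC network ACL is stateless, an inbound allow for the client's CIDR on the broker port is only half of the rule pair: the broker's replies go back out through the same ACL on an ephemeral source port and need their own outbound allow. The script below is an added audit example, not code from the question or from AWS; it evaluates a network ACL the way the VPC does (ascending rule number, first match wins, implicit deny) for one client address and reports whether both directions pass. The entries are constructed to look like `describe_network_acls` output, the port is TCP 5671 (AMQPS), and the Lambda subnet CIDR `10.20.0.0/16` and the addresses are assumptions. It does not model peering route tables or security groups, which are separate checks.

```python
"""Audit a VPC network ACL for a Lambda-in-VPC client reaching an AMQP broker.

Constructed example: entries mimic the shape of
ec2.describe_network_acls()['NetworkAcls'][n]['Entries'] but are not real data.
"""
from ipaddress import ip_address, ip_network

AMQPS_PORT = 5671            # AMQP over TLS, as exposed by Amazon MQ for RabbitMQ
EPHEMERAL = (1024, 65535)    # source-port range a client may use; replies return here

# Constructed: inbound allows for the consoles (203.0.113.0/24) and the Lambda
# subnet (10.20.0.0/16), but only the consoles have an outbound (return) allow.
SAMPLE_ENTRIES = [
    {"RuleNumber": 100, "Protocol": "6", "RuleAction": "allow", "Egress": False,
     "CidrBlock": "203.0.113.0/24", "PortRange": {"From": AMQPS_PORT, "To": AMQPS_PORT}},
    {"RuleNumber": 110, "Protocol": "6", "RuleAction": "allow", "Egress": False,
     "CidrBlock": "10.20.0.0/16", "PortRange": {"From": AMQPS_PORT, "To": AMQPS_PORT}},
    {"RuleNumber": 100, "Protocol": "6", "RuleAction": "allow", "Egress": True,
     "CidrBlock": "203.0.113.0/24", "PortRange": {"From": EPHEMERAL[0], "To": EPHEMERAL[1]}},
    # The catch-all deny AWS places at the end of every network ACL.
    {"RuleNumber": 32767, "Protocol": "-1", "RuleAction": "deny", "Egress": False,
     "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 32767, "Protocol": "-1", "RuleAction": "deny", "Egress": True,
     "CidrBlock": "0.0.0.0/0"},
]

# Constructed "after" state: the missing outbound rule for the Lambda subnet added.
FIXED_ENTRIES = SAMPLE_ENTRIES + [
    {"RuleNumber": 110, "Protocol": "6", "RuleAction": "allow", "Egress": True,
     "CidrBlock": "10.20.0.0/16", "PortRange": {"From": EPHEMERAL[0], "To": EPHEMERAL[1]}},
]


def _candidates(entries, egress, ip):
    """Rules for one direction that match this address and TCP, in evaluation order."""
    addr = ip_address(ip)
    rules = [e for e in entries
             if e["Egress"] == egress
             and e["Protocol"] in ("-1", "6")          # all protocols or TCP
             and addr in ip_network(e["CidrBlock"])]
    return sorted(rules, key=lambda e: e["RuleNumber"])


def verdict(candidates, port):
    """Decision for one packet: lowest-numbered matching rule wins, else implicit deny."""
    for e in candidates:
        pr = e.get("PortRange")                        # absent when Protocol is "-1"
        if pr is None or pr["From"] <= port <= pr["To"]:
            return e["RuleAction"]
    return "deny"


def blocked_return_ports(entries, client_ip):
    """Ephemeral ports on which the broker's replies to client_ip would be dropped."""
    outbound = _candidates(entries, True, client_ip)
    lo, hi = EPHEMERAL
    return [p for p in range(lo, hi + 1) if verdict(outbound, p) != "allow"]


def audit_client(entries, client_ip, port=AMQPS_PORT):
    """Evaluate both halves of the stateless rule pair a client needs."""
    inbound = verdict(_candidates(entries, False, client_ip), port)
    blocked = blocked_return_ports(entries, client_ip)
    return {
        "client": client_ip,
        "inbound": inbound,
        "return_path_blocked_ports": len(blocked),
        "reachable": inbound == "allow" and not blocked,
    }


if __name__ == "__main__":
    # Assumed addresses: a console, a Lambda ENI in 10.20.0.0/16, an unrelated host.
    for ip in ("203.0.113.10", "10.20.5.7", "198.51.100.9"):
        print("current:", audit_client(SAMPLE_ENTRIES, ip))
    print("fixed:  ", audit_client(FIXED_ENTRIES, "10.20.5.7"))
```

Running it shows the symptom from the question: the Lambda address is allowed inbound on 5671 yet is unreachable, because every reply port is denied by the catch-all outbound rule; with the outbound ephemeral allow added for the Lambda subnet the same address passes. For a real ACL, feed the `Entries` list from `describe_network_acls` into `audit_client` with the Lambda ENI's private address (the source the broker's subnet actually sees once the Lambda is in a VPC), and remember that a peering connection additionally needs routes in both accounts' route tables.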