amazon-web-services amazon-sqs amazon-sns

SNS SQS - Not receiving messages that were pushed to queue from SNS topic


I have an SNS topic TestTopic, I have an SQS queue newtestqueue-ev, and I have a Java application that will push messages to either the topic or the queue. I have a Java application that reads from the queue.

When I push to the queue via the Java app / AWS console, I receive the message in my application. When I push a message to the topic, which has the SQS queue as a subscriber, I do not receive any message.

Here is the permission added to the SQS queue:

{
  "Version": "2012-10-17",
  "Id": "arn:aws:sqs:eu-west-1:<accountnum>:newtestqueue-ev/SQSDefaultPolicy",
  "Statement": [
    {
      "Sid": "sidNum",
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": "SQS:SendMessage",
      "Resource": "arn:aws:sqs:eu-west-1:<accountNum>:newtestqueue-ev",
      "Condition": {
        "ArnEquals": {
          "aws:SourceArn": "arn:aws:sns:eu-west-1:<accountNum>:TestTopic"
        }
      }
    }
  ]
}

I have encryption enabled on the queue using the default key alias/aws/sqs and encryption on the SNS topic using the default alias/aws/sns.


Solution

  • You cannot use the default KMS key on the SNS queue; you need to create a new one and add this to it:

    {
      "Effect": "Allow",
      "Principal": {
        "Service": "sns.amazonaws.com"
      },
      "Action": [
        "kms:GenerateDataKey*",
        "kms:Decrypt"
      ],
      "Resource": "*"
    }
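
A check for the fix described in the answer above, as an added example that is not part of the original post: it reads a KMS key policy and reports which of the two actions SNS still lacks, and which SNS grants have no Condition element and so are not limited to a particular topic. The function names, the sample policies and the account id 111122223333 are constructed for illustration.

```python
import fnmatch

# KMS actions SNS must be allowed on the queue's key (taken from the answer above).
REQUIRED = ("kms:GenerateDataKey", "kms:Decrypt")

def _as_list(value):
    """IAM policy fields may hold a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def _service_allows(policy, service):
    """Yield (index, statement) for Allow statements naming `service` as principal."""
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        principal = stmt.get("Principal", {})
        services = _as_list(principal.get("Service", [])) if isinstance(principal, dict) else []
        if stmt.get("Effect") == "Allow" and service in services:
            yield i, stmt

def sns_key_policy_gaps(policy, service="sns.amazonaws.com"):
    """Return the required actions that no Allow statement grants to `service`."""
    granted = set()
    for _, stmt in _service_allows(policy, service):
        for pattern in _as_list(stmt.get("Action", [])):
            # Action names are case-insensitive and may use * wildcards.
            granted.update(a for a in REQUIRED
                           if fnmatch.fnmatchcase(a.lower(), pattern.lower()))
    return [a for a in REQUIRED if a not in granted]

def unconditioned_grants(policy, service="sns.amazonaws.com"):
    """Return indexes of `service` Allow statements that carry no Condition block."""
    return [i for i, stmt in _service_allows(policy, service) if not stmt.get("Condition")]

# Constructed sample: a key policy holding only an account-root statement.
ROOT_ONLY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
     "Action": "kms:*", "Resource": "*"}]}

# The statement from the answer, appended to the same constructed policy.
SNS_STATEMENT = {"Effect": "Allow", "Principal": {"Service": "sns.amazonaws.com"},
                 "Action": ["kms:GenerateDataKey*", "kms:Decrypt"], "Resource": "*"}
WITH_SNS = {"Version": "2012-10-17", "Statement": ROOT_ONLY["Statement"] + [SNS_STATEMENT]}

if __name__ == "__main__":
    for name, policy in (("root only", ROOT_ONLY), ("with SNS statement", WITH_SNS)):
        print(name, "| missing:", sns_key_policy_gaps(policy),
              "| no Condition at statement:", unconditioned_grants(policy))
```

An entry in the second list marks a statement where a Condition block on aws:SourceArn, like the one in the question's queue policy, would scope the grant to a single topic.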