aws-samples / lambda-ecs-worker-pattern

This example code illustrates how to extend AWS Lambda functionality using Amazon SQS and the Amazon EC2 Container Service (ECS).
Apache License 2.0

unable to access sqs queue from ecs task #6

Open bizzbyster opened 8 years ago

bizzbyster commented 8 years ago

I'm trying to understand how this worked. When I run it I'm able to create the SQS task and launch the task, but when the ECS task tries to read from the queue it gets the following error, which I have reproduced by logging into the shell script container (after preventing it from exiting):

root@f9910bdcd9d6:/# aws sqs receive-message --queue-url=https://queue.amazonaws.com/831754492748/ecs-test-plepeskaQueue --region=us-east-1

An error occurred (AccessDenied) when calling the ReceiveMessage operation: Access to the resource https://queue.amazonaws.com/ is denied.

And this makes sense b/c although I can see that the ecsInstanceRole has a policy that gives it access to the S3 bucket, I can't see where it is given access to the SQS queue.

Has something changed since this worked? Or, is there another reason why access to the queue is denied?

coldcam commented 7 years ago

Yes, I definitely see your point... I get the same thing. Anyway, the sample policy shows what needs to be added for S3, but you will need to add a similar access policy for SQS.

scottdear commented 7 years ago

Anyone still maintaining this? I'm running into the same issue. Is there a more robust version of this pattern that has all the bits in working order?

ahsan-babar commented 3 years ago

In my case, my ECS Task Role was missing the SQS permissions policy. After attaching the SQS policy, it's fixed.
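
Added example, not part of the thread or the repository's code: a small offline checker that reports which SQS actions a role's policy document fails to grant on a queue, which is the gap behind the `AccessDenied` on `ReceiveMessage` above. The ARNs, the bucket name, the two sample policies and the assumption that the worker also needs `sqs:DeleteMessage` are constructed for illustration; the evaluation is deliberately simplified.

```python
import re

# Placeholder ARNs (constructed; not values from the thread).
QUEUE_ARN = "arn:aws:sqs:us-east-1:111122223333:EXAMPLE-QUEUE"
# Assumption: a queue worker needs to receive and then delete messages.
WORKER_ACTIONS = ["sqs:ReceiveMessage", "sqs:DeleteMessage"]

# Constructed "before" policy: S3 access only, as described in the thread.
S3_ONLY_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow",
                   "Action": ["s3:GetObject", "s3:PutObject"],
                   "Resource": "arn:aws:s3:::EXAMPLE-BUCKET/*"}],
}
# Constructed "after" policy: adds least-privilege SQS access to one queue.
FIXED_POLICY = {
    "Version": "2012-10-17",
    "Statement": S3_ONLY_POLICY["Statement"] + [
        {"Effect": "Allow", "Action": WORKER_ACTIONS, "Resource": QUEUE_ARN}],
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _glob(pattern, value, flags=0):
    # IAM wildcards: '*' matches any run of characters, '?' exactly one.
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value, flags) is not None

def is_allowed(policy, action, resource):
    """Simplified check: explicit Deny wins, else any matching Allow grants.
    Ignores Condition, NotAction/NotResource, boundaries and queue policies."""
    allowed = False
    for st in _as_list(policy.get("Statement", [])):
        # Action names are case-insensitive; resource ARNs are case-sensitive.
        if not any(_glob(a, action, re.IGNORECASE) for a in _as_list(st.get("Action", []))):
            continue
        if not any(_glob(r, resource) for r in _as_list(st.get("Resource", []))):
            continue
        if st.get("Effect") == "Deny":
            return False
        allowed = True
    return allowed

def missing_actions(policy, actions, resource):
    return [a for a in actions if not is_allowed(policy, a, resource)]

if __name__ == "__main__":
    print("before:", missing_actions(S3_ONLY_POLICY, WORKER_ACTIONS, QUEUE_ARN))
    print("after: ", missing_actions(FIXED_POLICY, WORKER_ACTIONS, QUEUE_ARN))
```

Feed it the JSON of the policy attached to the role the task actually runs with; an empty result means the identity policy covers the listed actions, subject to the simplifications named in the docstring.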