When SQS is configured with QueueEncryption.KMS and master key is set, it does not successfully receive data from SNS that it is subscribed to.
Reproduction Steps
topic = aws_sns.Topic(self.stack, 'alarm-topic',
display_name='Topic for alarms',
topic_name=self.alarms_topic_name)
queue = aws_sqs.Queue(self.stack, 'alarm-queue',
encryption=aws_sqs.QueueEncryption.KMS,
encryption_master_key=key,
retention_period=core.Duration.days(7),
queue_name=self.alarms_queue_name
)
topic.add_subscription(aws_sns_subscriptions.SqsSubscription(queue))What did you expect to happen?
Successfully retrieve message from SQS
What actually happened?
When the SNS has delivery logs enabled, the following failure appears in the log:
{
"notification": {
"messageMD5Sum": "2bc17714a33dbaf9dbe6a57a8410eb7f",
"messageId": "054099fb-9d8e-5f40-b657-c1eb69e60b29",
"topicArn": "[SNS ARN]",
"timestamp": "2020-10-26 15:58:32.47"
},
"delivery": {
"deliveryId": "c894a538-64e0-5577-b85d-fd2890888698",
"destination": "[SQS ARN],
"providerResponse": "{"ErrorCode":"KMS.AccessDeniedException","ErrorMessage":"null (Service: AWSKMS; Status Code: 400; Error Code: AccessDeniedException; Request ID: 9582607-3c84-4f8e-8d4b-fa9932c21146; Proxy: null)","sqsRequestId":"Unrecoverable"}",
"dwellTimeMs": 66,
"attempts": 1,
"statusCode": 400
},
"status": "FAILURE"
}
Environment
CLI Version : 1.70
Framework Version: Python 3.8.5
Node.js Version: v14.11.0
OS : Linux
Language (Version): Python (3.8.5)
Other
This is 🐛 Bug Report
When SQS is configured with QueueEncryption.KMS and master key is set, it does not successfully receive data from SNS that it is subscribed to.
Reproduction Steps
What did you expect to happen?
Successfully retrieve message from SQS
What actually happened?
When the SNS has delivery logs enabled, the following failure appears in the log:
Environment
CLI Version : 1.70
Framework Version: Python 3.8.5
Node.js Version: v14.11.0
OS : Linux
Language (Version): Python (3.8.5)
Other
This is 🐛 Bug Report