SNS topic not publishing to SQS

Question

I am trying to prototype a distributed application using SNS and SQS.I have this topic:

arn:aws:sns:us-east-1:574008783416:us-east-1-live-auction

and this queue:

arn:aws:sqs:us-east-1:574008783416:queue4

I created the queue using the JS Scratchpad. I added the subscription using the Console. I AddPermission to the queue using the scratchpad. The queue policy is now:

{      "Version":"2008-10-17",    "Id":"arn:aws:sqs:us-east-1:574008783416:queue4/SQSDefaultPolicy",    "Statement":[         {            "Sid":"RootPerms",          "Effect":"Allow",          "Principal":{               "AWS":"574008783416"          },          "Action":"SQS:*",          "Resource":"arn:aws:sqs:us-east-1:574008783416:queue4"       }    ] } 

I have an email subscription on the same topic and the emails arrive fine but the messages never arrive on the queue. I've tried SendMessage directly to the queue - rather than via SNS - using Scratchpad and it works fine. Any ideas why it won't send to the queue?

Answer 1

This was posted a while back on the AWS forums: https://forums.aws.amazon.com/thread.jspa?messageID=202798

Then I gave the SNS topic the permission to send messages to the SQS queue. The trick here is to allow all principals. SNS doesn't send from your account ID -- it has its own account ID that it sends from.

Answer 2

Adding to Skyler's answer, if like me you cringe at the idea of allowing any principal (Principal: '*'), you can restrict the principal to SNS:

Principal:   Service: sns.amazonaws.com 

Although this behavior is undocumented, it works.