Why aren't messages that I publish to my Amazon SNS topic getting delivered to my subscribed Amazon SQS queue that has server-side encryption (SSE) enabled?

Last updated: 2020-11-19

When I publish messages to my Amazon Simple Notification Service (Amazon SNS) topic, they aren't delivered to my Amazon Simple Queue Service (Amazon SQS) queue. How do I fix this if my Amazon SQS queue has server-side encryption (SSE) enabled?

Short description

Your Amazon SQS queue must use a customer master key (CMK) that is customer managed. This CMK must include a custom key policy that gives Amazon SNS sufficient key usage permissions.

Note: The required permissions aren't included in the default key policy of the AWS-managed CMK for Amazon SQS, and you can't modify this policy.

Resolution