MQ

The object describing an MQ event source type. For more information, see Using Lambda with Amazon MQ in the AWS Lambda Developer Guide.

AWS Serverless Application Model (AWS SAM) generates an AWS::Lambda::EventSourceMapping resource when this event type is set.

Note

To have an Amazon MQ queue in a virtual private cloud (VPC) that connects to a Lambda function in a public network, your function's execution role must include the following permissions:

ec2:CreateNetworkInterface
ec2:DeleteNetworkInterface
ec2:DescribeNetworkInterfaces
ec2:DescribeSecurityGroups
ec2:DescribeSubnets
ec2:DescribeVpcs

For more information, see Execution role permissions in the AWS Lambda Developer Guide.

Syntax

To declare this entity in your AWS SAM template, use the following syntax.

YAML


  BatchSize: Integer
  Broker: String
  DynamicPolicyName: Boolean
  Enabled: Boolean
  FilterCriteria: FilterCriteria
  MaximumBatchingWindowInSeconds: Integer
  Queues: List
  SecretsManagerKmsKeyId: String
  SourceAccessConfigurations: List

Properties

BatchSize

The maximum number of items to retrieve in a single batch.

Type: Integer

Required: No

Default: 100

AWS CloudFormation compatibility: This property is passed directly to the BatchSize property of an AWS::Lambda::EventSourceMapping resource.

Minimum: 1

Maximum: 10000

Broker

The Amazon Resource Name (ARN) of the Amazon MQ broker.

Type: String

Required: Yes

AWS CloudFormation compatibility: This property is passed directly to the EventSourceArn property of an AWS::Lambda::EventSourceMapping resource.

DynamicPolicyName

By default, the AWS Identity and Access Management (IAM) policy name is SamAutoGeneratedAMQPolicy for backward compatibility. Specify true to use an auto-generated name for your IAM policy. This name will include the Amazon MQ event source logical ID.

Note

When using more than one Amazon MQ event source, specify true to avoid duplicate IAM policy names.

Type: Boolean

Required: No

Default: false

AWS CloudFormation compatibility: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent.

Enabled

If true, the event source mapping is active. To pause polling and invocation, set to false.

Type: Boolean

Required: No

AWS CloudFormation compatibility: This property is passed directly to the Enabled property of an AWS::Lambda::EventSourceMapping resource.

FilterCriteria

A object that defines the criteria that determines whether Lambda should process an event. For more information, see AWS Lambda event filtering in the AWS Lambda Developer Guide.

Type: FilterCriteria

Required: No

AWS CloudFormation compatibility: This property is passed directly to the FilterCriteria property of an AWS::Lambda::EventSourceMapping resource.

MaximumBatchingWindowInSeconds

The maximum amount of time to gather records before invoking the function, in seconds.

Type: Integer

Required: No

AWS CloudFormation compatibility: This property is passed directly to the MaximumBatchingWindowInSeconds property of an AWS::Lambda::EventSourceMapping resource.

Queues

The name of the Amazon MQ broker destination queue to consume.

Type: List

Required: Yes

AWS CloudFormation compatibility: This property is passed directly to the Queues property of an AWS::Lambda::EventSourceMapping resource.

SecretsManagerKmsKeyId

The AWS Key Management Service (AWS KMS) key ID of a customer managed key from AWS Secrets Manager. Required when you use a customer managed key from Secrets Manager with a Lambda execution role that doesn't included the kms:Decrypt permission.

The value of this property is a UUID. For example: 1abc23d4-567f-8ab9-cde0-1fab234c5d67.

Type: String

Required: Conditional

AWS CloudFormation compatibility: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent.

SourceAccessConfigurations

An array of the authentication protocol or vitual host. Specify this using the SourceAccessConfigurations data type.

For the MQ event source type, the only valid configuration types are BASIC_AUTH and VIRTUAL_HOST.

BASIC_AUTH – The Secrets Manager secret that stores your broker credentials. For this type, the credential must be in the following format: {"username": "your-username", "password": "your-password"}. Only one object of type BASIC_AUTH is allowed.
VIRTUAL_HOST – The name of the virtual host in your RabbitMQ broker. Lambda will use this Rabbit MQ's host as the event source. Only one object of type VIRTUAL_HOST is allowed.

Type: List

Required: Yes

AWS CloudFormation compatibility: This property is passed directly to the SourceAccessConfigurations property of an AWS::Lambda::EventSourceMapping resource.

Examples

Amazon MQ event source

The following is an example of an MQ event source type for an Amazon MQ broker.

YAML


Events:
  MQEvent:
    Type: MQ
    Properties:
      Broker: arn:aws:mq:us-east-2:123456789012:broker:MyBroker:b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9
      Queues: List of queues
      SourceAccessConfigurations:
        - Type: BASIC_AUTH
          URI: arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName
      BatchSize: 200
      Enabled: true

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Kinesis

MSK