Create SQS action

You need an Amazon SQS queue and an IAM role. If you have both, go to Configure Admin Portal.

Use Terraform
resource "aws_sqs_queue" "pubnub_queue" {
  name       = "pubnub-example"
  fifo_queue = false
}


data "aws_iam_policy_document" "pubnub_sqs_role" {
  statement {
    actions = ["sts:AssumeRole"]

    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::535363102202:root"]
    }

show all 55 lines

Create a queue

  1. Open Amazon SQS. Go to Queues.

  2. Click Create queue. Enter a name.

    Supported queue type

    Events & Actions supports the standard queue type.

  3. Click Create queue.

  4. Copy the Queue URL.

Create an IAM role

Create an IAM role with SQS write permission.

  1. Open AWS Identity and Access Management. Go to Roles.

  2. Click Create role. Name the role.

  3. Set AWS account as the Trusted entity type.

  4. In An AWS account, select Another AWS account. Enter 535363102202 as the Account ID. This is PubNub’s AWS account ID. PubNub uses this role to write to your queue.

  5. Select Require external ID.

  6. Paste your app's subscribe key from the Admin Portal into External ID.

    Optional but recommended by AWS. It sets your subscribe key as the external ID for PubNub. Access policy example:

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Principal": {
                    "AWS": "arn:aws:iam::535363102202:root"
                },
                "Action": "sts:AssumeRole",
                "Condition": {
                    "StringEquals": {
                        "sts:ExternalId": "<PubNub subscribe key>"
                    }
                }
            }
    show all 17 lines

    Click Next.

  7. Create a policy with sqs:SendMessage. Click Create policy. Switch to JSON. Paste this snippet. Use your queue ARN:

    {
        "Statement": [
            {
                "Action": [
                    "sqs:SendMessage"
                ],
                "Effect": "Allow",
                "Resource": "<ARN of customer's SQS queue>"
            }
        ],
        "Version": "2012-10-17"
    }

    Complete the policy in the wizard.

  8. Select the policy. Click Next (Step 3).

  9. Name the role.

  10. Click Create Role.

  11. Copy the Role ARN.

Configure Admin Portal

  1. Open Events & Actions in the Admin Portal. Click + Add Action.
  2. Select Amazon SQS.
  3. Paste the Queue URL and Role ARN.
  4. (Optional) Enable and configure retries in SQS retry.
  5. Pair the action with an event listener in Actions. Click Add event listener. Select an existing listener or create one.
  6. Click Save changes.
Last updated on
On this page