--- source_url: https://www.pubnub.com/docs/serverless/events-and-actions/actions/create-sqs-action title: Create SQS action updated_at: 2026-06-16T12:53:11.970Z --- > Documentation Index > For a curated overview of PubNub documentation, see: https://www.pubnub.com/docs/llms.txt > For the full list of all documentation pages, see: https://www.pubnub.com/docs/llms-full.txt # Create SQS action You need an [Amazon SQS queue](#create-a-queue) and an [IAM role](#create-an-iam-role). If you have both, go to [Configure Admin Portal](#configure-admin-portal). Use Terraform ```hcl resource "aws_sqs_queue" "pubnub_queue" { name = "pubnub-example" fifo_queue = false } data "aws_iam_policy_document" "pubnub_sqs_role" { statement { actions = ["sts:AssumeRole"] principals { type = "AWS" identifiers = ["arn:aws:iam::535363102202:root"] } condition { test = "StringLike" variable = "sts:ExternalId" values = [ "" ] } } } resource "aws_iam_role" "pubnub_sqs_example" { name = "pubnub-sqs-example" path = "/" assume_role_policy = data.aws_iam_policy_document.pubnub_sqs_role.json } resource "aws_iam_policy" "pubnub_sqs_example" { name = "pubnub-sqs-example" path = "/" description = "Pubnub Example SQS policy" policy = jsonencode({ Version = "2012-10-17" Statement = [ { Action = [ "sqs:SendMessage", ] Effect = "Allow" Resource = aws_sqs_queue.pubnub_queue.arn }, ] }) } resource "aws_iam_role_policy_attachment" "pubnub-sqs-attach" { role = aws_iam_role.pubnub_sqs_example.name policy_arn = aws_iam_policy.pubnub_sqs_example.arn } ``` show all 55 lines ## Create a queue 1. Open Amazon SQS. Go to Queues. 2. Click Create queue. Enter a name. Supported queue typeEvents & Actions supports the standard queue type. 3. Click Create queue. 4. Copy the Queue URL. ## Create an IAM role Create an IAM role with SQS write permission. 1. Open AWS Identity and Access Management. Go to Roles. 2. Click Create role. Name the role. 3. Set AWS account as the Trusted entity type. 4. In An AWS account, select Another AWS account. Enter 535363102202 as the Account ID. This is PubNub’s AWS account ID. PubNub uses this role to write to your queue. 5. Select Require external ID. 6. Paste your app's subscribe key from the Admin Portal into External ID. Optional but recommended by AWS. It sets your subscribe key as the external ID for PubNub. Access policy example: 1{2 "Version": "2012-10-17",3 "Statement": [4 {5 "Effect": "Allow",6 "Principal": {7 "AWS": "arn:aws:iam::535363102202:root"8 },9 "Action": "sts:AssumeRole",10 "Condition": {11 "StringEquals": {12 "sts:ExternalId": ""13 }14 }15 }16 ]17} Click Next. 7. Create a policy with sqs:SendMessage. Click Create policy. Switch to JSON. Paste this snippet. Use your queue ARN: 1{2 "Statement": [3 {4 "Action": [5 "sqs:SendMessage"6 ],7 "Effect": "Allow",8 "Resource": ""9 }10 ],11 "Version": "2012-10-17"12} Complete the policy in the wizard. 8. Select the policy. Click Next (Step 3). 9. Name the role. 10. Click Create Role. 11. Copy the Role ARN. ## Configure Admin Portal 1. Open **Events & Actions** in the [Admin Portal](https://admin.pubnub.com/). Click **+ Add Action**. 2. Select **Amazon SQS**. 3. Paste the **Queue URL** and **Role ARN**. 4. (Optional) Enable and configure [retries](https://www.pubnub.com/docs/serverless/events-and-actions/events#retries) in **SQS retry**. 5. Pair the action with an event listener in **Actions**. Click **Add event listener**. Select an existing listener or [create one](https://www.pubnub.com/docs/serverless/events-and-actions/configure-e&a#create-event-listener). 6. Click **Save changes**.