SQS Queue ARN — Message Queue Identification
Parse an Amazon SQS queue ARN to understand queue naming, FIFO queue ARNs, and dead-letter queue relationships. Covers the difference between ARN and queue URL.
Detailed Explanation
SQS Queue ARN vs. Queue URL
SQS queues have both an ARN and a URL, and understanding when to use each is important for correct AWS configuration.
Example ARN
arn:aws:sqs:us-east-1:123456789012:payment-processing
Parsed Components
| Component | Value |
|---|---|
| Partition | aws |
| Service | sqs |
| Region | us-east-1 |
| Account ID | 123456789012 |
| Resource Type | (none) |
| Resource ID | payment-processing |
ARN vs. Queue URL
The same queue is referenced by two identifiers:
- ARN:
arn:aws:sqs:us-east-1:123456789012:payment-processing— used in IAM policies, SNS subscriptions, and event source mappings - URL:
https://sqs.us-east-1.amazonaws.com/123456789012/payment-processing— used in SendMessage, ReceiveMessage, and DeleteMessage API calls
The ARN is used for permissions and configuration, while the URL is used for data operations.
FIFO Queues
Like SNS, FIFO queues append .fifo:
arn:aws:sqs:us-east-1:123456789012:payment-processing.fifo
Dead-Letter Queue Relationships
When configuring a dead-letter queue (DLQ), you specify the DLQ's ARN in the source queue's redrive policy. There is no ARN-level relationship visible in the ARNs themselves — the linkage is defined in the queue configuration.
Cross-Account Access
SQS queue policies use the queue ARN to grant cross-account SendMessage or ReceiveMessage permissions, similar to S3 bucket policies.
Use Case
Setting up Lambda event source mappings that poll SQS queues for new messages. The queue ARN is required in the event source mapping configuration and in IAM policies that grant the Lambda execution role permission to read from the queue.