What is the primary purpose of a Dead Letter Queue (DLQ) in AWS messaging services like SQS or SNS?
Think about what happens to messages that cannot be processed successfully.
Dead Letter Queues hold messages that failed processing after a set number of retries, allowing developers to inspect and handle them separately without losing data.
You want to configure an SQS queue to send failed messages to a Dead Letter Queue after 5 failed processing attempts. Which configuration setting must you set on the main queue?
Look for the setting that controls how many times a message can be received before moving to DLQ.
The RedrivePolicy attribute on the main queue specifies the DLQ ARN and maxReceiveCount, which controls after how many failed receives the message is sent to the DLQ.
You are designing a system that processes messages from an SQS queue. To ensure no message is lost and failures are handled gracefully, which architecture pattern involving DLQs is best?
Consider how to separate failed messages from successfully processed ones.
The best practice is to have a main queue for normal processing and a DLQ to isolate failed messages for later handling, ensuring reliability and no message loss.
What happens to a message in an SQS main queue when it reaches the maxReceiveCount specified in the RedrivePolicy?
Think about what the RedrivePolicy controls regarding message retries and failures.
When a message's receive count exceeds maxReceiveCount, SQS moves it to the DLQ and removes it from the main queue to prevent infinite retries.
You want to ensure that only specific AWS Lambda functions can read messages from your SQS Dead Letter Queue. Which is the best way to enforce this access control?
Consider both IAM roles and resource policies for fine-grained access control.
Combining IAM policies on Lambda roles with resource-based policies on the DLQ ensures only authorized Lambdas can read and delete messages, enforcing strict access control.