Home / AWS / Fix AWS Lambda Destination Not Delivered

AWS

Fix AWS Lambda Destination Not Delivered

Resolve Lambda destination delivery failures by checking IAM permissions, destination configuration, and event filtering rules.

Published: Apr 2, 20266 min readBy FixWikiHub Editorial Team

Abstract illustration for a troubleshooting knowledge base category.

Introduction

Lambda destinations route function results (success or failure) to other AWS services like SQS, SNS, EventBridge, or another Lambda. When destinations don't deliver, async invocation results disappear silently, breaking downstream processing workflows.

Symptoms

No delivery to destination:

```bash $ aws lambda invoke --function-name my-function --invocation-type Event output.json

# Invocation succeeds but no message in SQS/SNS $ aws sqs receive-message --queue-url https://sqs.us-west-2.amazonaws.com/123456789/my-queue

# Returns empty - no messages delivered ```

CloudWatch showing invocation but no destination:

```bash $ aws logs filter-log-events --log-group-name /aws/lambda/my-function

# Shows function execution completed # But no "DestinationInvoke" log entry ```

IAM permission errors:

```bash $ aws logs filter-log-events --log-group-name /aws/lambda/my-function

"errorMessage": "AccessDenied: User is not authorized to perform: sqs:SendMessage" ```

Common Causes

1.IAM permissions missing - Lambda can't send to destination
2.Destination not configured - OnSuccess/OnFailure not set
3.Event filtering too strict - All events filtered out
4.Destination resource deleted - SQS/SNS no longer exists
5.Maximum event age exceeded - Event expired before delivery
6.Retry policy exhausted - Delivery retries failed
7.Destination ARN incorrect - Wrong resource ARN

Step-by-Step Fix

1.Check logs for specific error messages
2.Verify configuration settings
3.Test network connectivity
4.Review recent changes
5.Apply corrective action
6.Verify the fix

Step 1: Check Destination Configuration

```bash # Get function's destination configuration aws lambda get-function-configuration --function-name my-function \ --query '{OnSuccess:DestinationConfig.OnSuccess,OnFailure:DestinationConfig.OnFailure}'

# Should show: # OnSuccess: { Destination: "arn:aws:sqs:..." } # OnFailure: { Destination: "arn:aws:sns:..." } ```

Step 2: Verify Destination Resource Exists

```bash # For SQS destination aws sqs get-queue-attributes --queue-url https://sqs.us-west-2.amazonaws.com/123456789/my-queue

# For SNS destination aws sns get-topic-attributes --topic-arn arn:aws:sns:us-west-2:123456789:my-topic

# For EventBridge destination aws events describe-event-bus --name my-event-bus

# For Lambda destination aws lambda get-function --function-name my-destination-function ```

Step 3: Check IAM Permissions

```bash # Get Lambda execution role aws lambda get-function-configuration --function-name my-function \ --query 'ExecutionRoleArn'

# Check role has permissions for destination aws iam get-role-policy --role-name LambdaExecutionRole --policy-name DestinationPolicy

# Required permissions: # SQS: sqs:SendMessage # SNS: sns:Publish # EventBridge: events:PutEvents # Lambda: lambda:InvokeFunction ```

Add missing permissions:

bash

aws iam put-role-policy \
  --role-name LambdaExecutionRole \
  --policy-name SQSAccess \
  --policy-document '{
    "Version": "2012-10-17",
    "Statement": [{
      "Effect": "Allow",
      "Action": "sqs:SendMessage",
      "Resource": "arn:aws:sqs:us-west-2:123456789:my-queue"
    }]
  }'

Step 4: Configure Destination

```bash # Add OnSuccess destination aws lambda put-function-event-invoke-config \ --function-name my-function \ --destination-config '{"OnSuccess":{"Destination":"arn:aws:sqs:us-west-2:123456789:my-queue"}}'

# Add OnFailure destination aws lambda put-function-event-invoke-config \ --function-name my-function \ --destination-config '{"OnFailure":{"Destination":"arn:aws:sns:us-west-2:123456789:error-topic"}}'

# Configure both aws lambda put-function-event-invoke-config \ --function-name my-function \ --destination-config '{"OnSuccess":{"Destination":"arn:aws:sqs:..."},"OnFailure":{"Destination":"arn:aws:sns:..."}}' ```

Step 5: Check Event Filtering

```bash # Get filter criteria aws lambda get-function-event-invoke-config --function-name my-function \ --query 'DestinationConfig.OnSuccess.FilterCriteria'

# Filter patterns that might block delivery: # {"statusCode": [200]} - Only success responses # {"errorMessage": ["*timeout*"]} - Only specific errors

# Remove restrictive filters aws lambda put-function-event-invoke-config \ --function-name my-function \ --destination-config '{"OnSuccess":{"Destination":"arn:aws:sqs:..."}}' ```

Step 6: Verify Maximum Event Age

```bash # Check maximum event age aws lambda get-function-event-invoke-config --function-name my-function \ --query 'MaximumEventAgeInSeconds'

# Default: 21600 seconds (6 hours) # If events expire before destination delivery, they're dropped

# Increase if needed aws lambda put-function-event-invoke-config \ --function-name my-function \ --maximum-event-age-in-seconds 86400 ```

Step 7: Check Retry Configuration

```bash # Get retry policy aws lambda get-function-event-invoke-config --function-name my-function \ --query 'MaximumRetryAttempts'

# Default: 2 retries # After retries exhausted, OnFailure destination is triggered

# Increase retries aws lambda put-function-event-invoke-config \ --function-name my-function \ --maximum-retry-attempts 3 ```

Step 8: Test Destination Delivery

```bash # Invoke function asynchronously aws lambda invoke \ --function-name my-function \ --invocation-type Event \ --payload '{"test": "destination"}' \ output.json

# Check SQS for success messages aws sqs receive-message --queue-url https://sqs.us-west-2.amazonaws.com/123456789/my-queue

# Check CloudWatch for delivery logs aws logs filter-log-events \ --log-group-name /aws/lambda/my-function \ --filter-pattern "Destination" ```

Step 9: Check SQS Queue Policy

```bash # For SQS destination, queue must allow Lambda to send aws sqs get-queue-attributes \ --queue-url https://sqs.us-west-2.amazonaws.com/123456789/my-queue \ --attribute-names Policy

# Add policy if missing: aws sqs set-queue-attributes \ --queue-url https://sqs.us-west-2.amazonaws.com/123456789/my-queue \ --attributes '{"Policy":"{\"Version\":\"2012-10-17\",\"Statement":[{"Effect":"Allow","Principal\":{\"Service\":\"lambda.amazonaws.com\"},\"Action\":\"sqs:SendMessage\",\"Resource\":\"arn:aws:sqs:us-west-2:123456789:my-queue\"}]}"}' ```

Step 10: Monitor Destination Metrics

```bash # Check Lambda destination metrics aws cloudwatch get-metric-statistics \ --namespace AWS/Lambda \ --metric-name DestinationInvocations \ --dimensions Name=FunctionName,Value=my-function \ --statistics Sum \ --period 60

# Check for delivery failures aws cloudwatch get-metric-statistics \ --namespace AWS/Lambda \ --metric-name DestinationDeliveryFailed \ --dimensions Name=FunctionName,Value=my-function ```

Lambda Destination Response Format

For SQS/SNS destinations, Lambda sends:

json

{
  "version": "1.0",
  "timestamp": "2024-01-15T10:00:00Z",
  "requestContext": {
    "requestId": "uuid",
    "functionArn": "arn:aws:lambda:...",
    "condition": "Success" // or "RetryFailure"
  },
  "responsePayload": {
    // Actual function response
  }
}

Verification

```bash # After configuration, test invocation aws lambda invoke --function-name my-function --invocation-type Event /dev/null

# Wait a few seconds, then check destination aws sqs receive-message --queue-url https://sqs.us-west-2.amazonaws.com/123456789/my-queue

# Should receive message with function response ```

[Fix AWS Lambda Function Timeout](/articles/fix-aws-lambda-function-timeout)
[Fix AWS Lambda Dead Letter Queue Not Working](/articles/fix-aws-lambda-dead-letter-queue-not-working)
[Fix AWS SQS Message Not Received](/articles/fix-aws-sqs-message-not-received)

[AWS troubleshooting: Fix IAM Permission Denied - Complete Tro](fix-iam-permission-denied)
[AWS cloud troubleshooting: AWS ACM Certificate Pending Validation Because the](aws-acm-certificate-pending-validation-wrong-route53-zone)
[AWS cloud troubleshooting: AWS ALB Returns 502 Because the Target Closed the ](aws-alb-502-target-closed-connection-keepalive-timeout-mismatch)
[AWS cloud troubleshooting: Fix AWS ALB CreateListener TargetGroupNotFound Err](aws-alb-createlistener-targetgroupnotfound)
[AWS cloud troubleshooting: Fix Aws Alb Lambda 502 Bad Gateway Issue in AWS](aws-alb-lambda-502-bad-gateway)

Was this guide helpful?

Related search paths

People also search for

If the symptom is close but not identical, these search paths usually surface the right neighboring fixes faster than scrolling the full archive.

AWS Lambda Destination Not Delivered AWS Lambda Destination Not Delivered AWS AWS Lambda Destination Not Delivered troubleshooting AWS Lambda Destination Not Delivered fix Resolve Lambda destination delivery failures by checking IAM permissions, destination configuration, and event filtering rules AWS Resolve Lambda destination delivery failures by checking IAM permissions, destination configuration, and event filtering rules

Explore Related Topics

Browse Guides from Other Categories

Discover troubleshooting guides from related categories to expand your knowledge.

FAQ

AWS Troubleshooting FAQs

Common questions about troubleshooting and preventing similar issues

How do I know if this aws-errors troubleshooting guide applies to my situation?

This guide is designed for aws-errors issues. If you're experiencing similar symptoms described in the article, follow the step-by-step instructions. Start with the most common causes and work through the diagnostic process.

Is it safe to follow these aws-errors troubleshooting steps?

Yes, all steps are designed to be safe and non-destructive. We recommend creating backups before making significant changes and testing each step before proceeding to the next.

How long does it typically take to resolve this type of aws-errors issue?

Most aws-errors issues can be resolved within 30 minutes to 2 hours, depending on the complexity and root cause. Follow the troubleshooting flow to identify and fix the problem efficiently.

How can I prevent this aws-errors issue from happening again?

Regular maintenance, monitoring, and following best practices for aws-errors configuration can help prevent recurrence. Consider implementing automated checks and alerts for early detection.

Written by

FixWikiHub Editorial Team

Our editorial team consists of experienced DevOps engineers, systems administrators, and cloud architects with hands-on experience in production environments across AWS, Azure, GCP, and on-premises infrastructure.

Every guide undergoes technical review for accuracy and is updated when software versions, commands, or best practices change.

Last updated: Apr 2, 2026

About our team

Important Notice

Disclaimer & Safety Guidelines

The troubleshooting steps in this guide are provided for educational and informational purposes. Before applying any changes to production systems:

Test in a staging environment first — Always verify commands and configurations in a non-production environment before deploying to live systems.
Create backups — Ensure you have current backups of databases, configurations, and critical files before making changes.
Understand the impact — Review how each step may affect your specific environment, dependencies, and users.
Consult official documentation — This guide supplements, but does not replace, official vendor documentation and best practices.

FixWikiHub is not responsible for any damages arising from the use of this content. See our Terms of Use for more information.

Resources

Official Documentation & Further Reading

For authoritative information, consult the official documentation for the technologies discussed in this guide. Our troubleshooting content supplements, but does not replace, vendor documentation.

AWS Documentation — Official Amazon Web Services guides and API references
Kubernetes Documentation — Official Kubernetes documentation
Nginx Documentation — Official Nginx web server documentation
Apache Documentation — Official Apache HTTP Server documentation
Docker Documentation — Official Docker container documentation

Fix AWS Lambda Destination Not Delivered

Introduction

Symptoms

Common Causes

Step-by-Step Fix

Step 1: Check Destination Configuration

Step 2: Verify Destination Resource Exists

Step 3: Check IAM Permissions

Step 4: Configure Destination

Step 5: Check Event Filtering

Step 6: Verify Maximum Event Age

Step 7: Check Retry Configuration

Step 8: Test Destination Delivery

Step 9: Check SQS Queue Policy

Step 10: Monitor Destination Metrics

Lambda Destination Response Format

Verification

People also search for

Browse Guides from Other Categories

WordPress

SSL

DNS

AWS Troubleshooting FAQs

FixWikiHub Editorial Team

Disclaimer & Safety Guidelines

Official Documentation & Further Reading

Fix AWS Lambda Destination Not Delivered

Introduction

Symptoms

Common Causes

Step-by-Step Fix

Step 1: Check Destination Configuration

Step 2: Verify Destination Resource Exists

Step 3: Check IAM Permissions

Step 4: Configure Destination

Step 5: Check Event Filtering

Step 6: Verify Maximum Event Age

Step 7: Check Retry Configuration

Step 8: Test Destination Delivery

Step 9: Check SQS Queue Policy

Step 10: Monitor Destination Metrics

Lambda Destination Response Format

Verification

Related Issues

Related Articles

People also search for

Share this guide

More AWS Troubleshooting Guides

Browse Guides from Other Categories

AWS Troubleshooting FAQs

FixWikiHub Editorial Team

Disclaimer & Safety Guidelines

Official Documentation & Further Reading