Send messages to the DLQ before deleting from SQS

[VictorJuliani]

Is your feature request related to a problem? Please describe.

I came across a problem where messages were failing and throwing exceptions, but they weren't sent to the DLQ. They were consumed as successful.

After investigation, I found out that the DLQ#SendMessage call from PowerTools was failing due to a missing KMS permission in my lambda.

That caused some messages to be lost from the queues.

Describe the solution you'd like

1. Update the documentation to point out that Encrypt/Decrypt and GenerateDataKey* permissions are required if the SQS is encrypted (at least it's not documented here)
2. Perform the DLQ#SendMessage call before the SQS#DeleteMessage (code ref) to make sure the message won't be lost in case of any DLQ misconfiguration.

Describe alternatives you've considered

Additional context

[pankajagrawal16]

Thanks for opening the issue @VictorJuliani . fair points. Regarding the second point, send message call is actually done before delete message call today.

Its a bug that any failure to send message call to DLQ is assumed to be always successful, so we need to respect failure response and mark batch as failure.

Thanks for raising this, I will create a bug fix and also improve the docs.

[github-actions]

This is now released under 1.10.3 version!