From 4b9209d7707c70cfd066911c457f538a30df6752 Mon Sep 17 00:00:00 2001 From: jamesthompson26-nhs Date: Thu, 7 May 2026 13:13:46 +0100 Subject: [PATCH 1/4] CCM-14783: Add SQS DLQ Alarm --- .../terraform/modules/sqs/README.md | 1 + .../cloudwatch_metric_alarm_dlq_messages.tf | 21 +++++++++++++++++++ .../terraform/modules/sqs/variables.tf | 6 ++++++ 3 files changed, 28 insertions(+) create mode 100644 infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_dlq_messages.tf diff --git a/infrastructure/terraform/modules/sqs/README.md b/infrastructure/terraform/modules/sqs/README.md index 12a2f40..e68d641 100644 --- a/infrastructure/terraform/modules/sqs/README.md +++ b/infrastructure/terraform/modules/sqs/README.md @@ -19,6 +19,7 @@ | [default\_tags](#input\_default\_tags) | A map of default tags to apply to all taggable resources within the component | `map(string)` | `{}` | no | | [delay\_seconds](#input\_delay\_seconds) | Time in seconds that the delivery of all messages in the queue will be delayed. An integer from 0 to 900 (15 minutes). | `number` | `0` | no | | [dlq\_message\_retention\_seconds](#input\_dlq\_message\_retention\_seconds) | The number of seconds Amazon SQS retains a message on the DLQ. Integer representing seconds, from 60 (1 minute) to 1209600 (14 days) | `number` | `1209600` | no | +| [enable\_dlq\_alarm](#input\_enable\_dlq\_alarm) | Create a CloudWatch alarm when messages are visible in the DLQ | `bool` | `false` | no | | [environment](#input\_environment) | The name of the tfscaffold environment | `string` | n/a | yes | | [fifo\_queue](#input\_fifo\_queue) | Boolean designating a FIFO queue | `bool` | `false` | no | | [kms\_data\_key\_reuse\_period\_seconds](#input\_kms\_data\_key\_reuse\_period\_seconds) | The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. An integer representing seconds, between 60 seconds (1 minute) and 86,400 seconds (24 hours) | `number` | `300` | no | diff --git a/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_dlq_messages.tf b/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_dlq_messages.tf new file mode 100644 index 0000000..96bc404 --- /dev/null +++ b/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_dlq_messages.tf @@ -0,0 +1,21 @@ +resource "aws_cloudwatch_metric_alarm" "dlq_messages" { + count = var.create_dlq && var.enable_dlq_alarm ? 1 : 0 + + alarm_name = "${local.csi}-dlq-messages-alarm" + alarm_description = "RELIABILITY: Alarm for messages in the DLQ" + comparison_operator = "GreaterThanThreshold" + evaluation_periods = 1 + metric_name = "ApproximateNumberOfMessagesVisible" + namespace = "AWS/SQS" + period = 300 + statistic = "Sum" + threshold = 0 + actions_enabled = true + treat_missing_data = "notBreaching" + + dimensions = { + QueueName = aws_sqs_queue.deadletter_queue[0].name + } + + tags = local.default_tags +} diff --git a/infrastructure/terraform/modules/sqs/variables.tf b/infrastructure/terraform/modules/sqs/variables.tf index f7ca0f6..3371108 100644 --- a/infrastructure/terraform/modules/sqs/variables.tf +++ b/infrastructure/terraform/modules/sqs/variables.tf @@ -117,6 +117,12 @@ variable "create_dlq" { default = false } +variable "enable_dlq_alarm" { + description = "Create a CloudWatch alarm when messages are visible in the DLQ" + type = bool + default = false +} + variable "max_receive_count" { description = "The maximum number of times a message can be received before being sent to the DLQ" type = number From ca98099136d52169b272678c4891d5e55b7ae64b Mon Sep 17 00:00:00 2001 From: jamesthompson26-nhs Date: Thu, 7 May 2026 13:58:15 +0100 Subject: [PATCH 2/4] CCM-14783: Add SQS DLQ Alarm and Oldest Message Alarms --- .../terraform/modules/sqs/README.md | 5 ++++- .../cloudwatch_metric_alarm_dlq_messages.tf | 14 ++++++------- ...watch_metric_alarm_queue_oldest_message.tf | 21 +++++++++++++++++++ .../terraform/modules/sqs/variables.tf | 20 +++++++++++++++++- 4 files changed, 51 insertions(+), 9 deletions(-) create mode 100644 infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_queue_oldest_message.tf diff --git a/infrastructure/terraform/modules/sqs/README.md b/infrastructure/terraform/modules/sqs/README.md index e68d641..b9b9763 100644 --- a/infrastructure/terraform/modules/sqs/README.md +++ b/infrastructure/terraform/modules/sqs/README.md @@ -18,8 +18,10 @@ | [create\_dlq](#input\_create\_dlq) | Create a DLQ | `bool` | `false` | no | | [default\_tags](#input\_default\_tags) | A map of default tags to apply to all taggable resources within the component | `map(string)` | `{}` | no | | [delay\_seconds](#input\_delay\_seconds) | Time in seconds that the delivery of all messages in the queue will be delayed. An integer from 0 to 900 (15 minutes). | `number` | `0` | no | +| [dlq\_alarm\_config](#input\_dlq\_alarm\_config) | Map of optional CloudWatch alarm settings for the DLQ messages alarm. Supported keys: comparison\\_operator, evaluation\\_periods, period, statistic, threshold, actions\\_enabled, treat\\_missing\\_data | `map(any)` | `{}` | no | | [dlq\_message\_retention\_seconds](#input\_dlq\_message\_retention\_seconds) | The number of seconds Amazon SQS retains a message on the DLQ. Integer representing seconds, from 60 (1 minute) to 1209600 (14 days) | `number` | `1209600` | no | -| [enable\_dlq\_alarm](#input\_enable\_dlq\_alarm) | Create a CloudWatch alarm when messages are visible in the DLQ | `bool` | `false` | no | +| [enable\_dlq\_alarm](#input\_enable\_dlq\_alarm) | Create a CloudWatch alarm when messages are visible in the DLQ | `bool` | `true` | no | +| [enable\_queue\_oldest\_message\_alarm](#input\_enable\_queue\_oldest\_message\_alarm) | Create a CloudWatch alarm when the oldest visible message age breaches the configured threshold on the main queue | `bool` | `true` | no | | [environment](#input\_environment) | The name of the tfscaffold environment | `string` | n/a | yes | | [fifo\_queue](#input\_fifo\_queue) | Boolean designating a FIFO queue | `bool` | `false` | no | | [kms\_data\_key\_reuse\_period\_seconds](#input\_kms\_data\_key\_reuse\_period\_seconds) | The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. An integer representing seconds, between 60 seconds (1 minute) and 86,400 seconds (24 hours) | `number` | `300` | no | @@ -28,6 +30,7 @@ | [message\_retention\_seconds](#input\_message\_retention\_seconds) | The number of seconds Amazon SQS retains a message. Integer representing seconds, from 60 (1 minute) to 1209600 (14 days) | `number` | `null` | no | | [name](#input\_name) | Name of the SQS Queue | `string` | n/a | yes | | [project](#input\_project) | The name of the tfscaffold project | `string` | n/a | yes | +| [queue\_oldest\_message\_alarm\_config](#input\_queue\_oldest\_message\_alarm\_config) | Map of optional CloudWatch alarm settings for the main queue oldest message age alarm. Supported keys: comparison\\_operator, evaluation\\_periods, period, statistic, threshold, actions\\_enabled, treat\\_missing\\_data | `map(any)` | `{}` | no | | [region](#input\_region) | The AWS Region | `string` | n/a | yes | | [sqs\_kms\_key\_arn](#input\_sqs\_kms\_key\_arn) | ARN of the KMS key to encrypt SQS queue messages | `string` | n/a | yes | | [sqs\_policy\_overload](#input\_sqs\_policy\_overload) | Optional additional policy to extend the SQS Resource Policy | `string` | `""` | no | diff --git a/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_dlq_messages.tf b/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_dlq_messages.tf index 96bc404..b58b85e 100644 --- a/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_dlq_messages.tf +++ b/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_dlq_messages.tf @@ -3,15 +3,15 @@ resource "aws_cloudwatch_metric_alarm" "dlq_messages" { alarm_name = "${local.csi}-dlq-messages-alarm" alarm_description = "RELIABILITY: Alarm for messages in the DLQ" - comparison_operator = "GreaterThanThreshold" - evaluation_periods = 1 + comparison_operator = lookup(var.dlq_alarm_config, "comparison_operator", "GreaterThanThreshold") + evaluation_periods = lookup(var.dlq_alarm_config, "evaluation_periods", 1) metric_name = "ApproximateNumberOfMessagesVisible" namespace = "AWS/SQS" - period = 300 - statistic = "Sum" - threshold = 0 - actions_enabled = true - treat_missing_data = "notBreaching" + period = lookup(var.dlq_alarm_config, "period", 300) + statistic = lookup(var.dlq_alarm_config, "statistic", "Sum") + threshold = lookup(var.dlq_alarm_config, "threshold", 0) + actions_enabled = lookup(var.dlq_alarm_config, "actions_enabled", true) + treat_missing_data = lookup(var.dlq_alarm_config, "treat_missing_data", "notBreaching") dimensions = { QueueName = aws_sqs_queue.deadletter_queue[0].name diff --git a/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_queue_oldest_message.tf b/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_queue_oldest_message.tf new file mode 100644 index 0000000..8cf0aba --- /dev/null +++ b/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_queue_oldest_message.tf @@ -0,0 +1,21 @@ +resource "aws_cloudwatch_metric_alarm" "queue_oldest_message" { + count = var.enable_queue_oldest_message_alarm ? 1 : 0 + + alarm_name = "${local.csi}-queue-oldest-message-alarm" + alarm_description = "RELIABILITY: Alarm for old messages in the queue" + comparison_operator = lookup(var.queue_oldest_message_alarm_config, "comparison_operator", "GreaterThanThreshold") + evaluation_periods = lookup(var.queue_oldest_message_alarm_config, "evaluation_periods", 1) + metric_name = "ApproximateAgeOfOldestMessage" + namespace = "AWS/SQS" + period = lookup(var.queue_oldest_message_alarm_config, "period", 300) + statistic = lookup(var.queue_oldest_message_alarm_config, "statistic", "Maximum") + threshold = lookup(var.queue_oldest_message_alarm_config, "threshold", 300) + actions_enabled = lookup(var.queue_oldest_message_alarm_config, "actions_enabled", true) + treat_missing_data = lookup(var.queue_oldest_message_alarm_config, "treat_missing_data", "notBreaching") + + dimensions = { + QueueName = aws_sqs_queue.sqs_queue.name + } + + tags = local.default_tags +} diff --git a/infrastructure/terraform/modules/sqs/variables.tf b/infrastructure/terraform/modules/sqs/variables.tf index 3371108..4a89fd4 100644 --- a/infrastructure/terraform/modules/sqs/variables.tf +++ b/infrastructure/terraform/modules/sqs/variables.tf @@ -120,7 +120,25 @@ variable "create_dlq" { variable "enable_dlq_alarm" { description = "Create a CloudWatch alarm when messages are visible in the DLQ" type = bool - default = false + default = true +} + +variable "dlq_alarm_config" { + description = "Map of optional CloudWatch alarm settings for the DLQ messages alarm. Supported keys: comparison_operator, evaluation_periods, period, statistic, threshold, actions_enabled, treat_missing_data" + type = map(any) + default = {} +} + +variable "enable_queue_oldest_message_alarm" { + description = "Create a CloudWatch alarm when the oldest visible message age breaches the configured threshold on the main queue" + type = bool + default = true +} + +variable "queue_oldest_message_alarm_config" { + description = "Map of optional CloudWatch alarm settings for the main queue oldest message age alarm. Supported keys: comparison_operator, evaluation_periods, period, statistic, threshold, actions_enabled, treat_missing_data" + type = map(any) + default = {} } variable "max_receive_count" { From a69112d616d44d493f37ef0cd7625cd5a351c7d5 Mon Sep 17 00:00:00 2001 From: jamesthompson26-nhs Date: Thu, 7 May 2026 14:08:11 +0100 Subject: [PATCH 3/4] CCM-14783: Add SQS DLQ Alarm and Oldest Message Alarms --- infrastructure/terraform/modules/sqs/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infrastructure/terraform/modules/sqs/README.md b/infrastructure/terraform/modules/sqs/README.md index b9b9763..7bb7bdd 100644 --- a/infrastructure/terraform/modules/sqs/README.md +++ b/infrastructure/terraform/modules/sqs/README.md @@ -18,7 +18,7 @@ | [create\_dlq](#input\_create\_dlq) | Create a DLQ | `bool` | `false` | no | | [default\_tags](#input\_default\_tags) | A map of default tags to apply to all taggable resources within the component | `map(string)` | `{}` | no | | [delay\_seconds](#input\_delay\_seconds) | Time in seconds that the delivery of all messages in the queue will be delayed. An integer from 0 to 900 (15 minutes). | `number` | `0` | no | -| [dlq\_alarm\_config](#input\_dlq\_alarm\_config) | Map of optional CloudWatch alarm settings for the DLQ messages alarm. Supported keys: comparison\\_operator, evaluation\\_periods, period, statistic, threshold, actions\\_enabled, treat\\_missing\\_data | `map(any)` | `{}` | no | +| [dlq\_alarm\_config](#input\_dlq\_alarm\_config) | Map of optional CloudWatch alarm settings for the DLQ messages alarm. Supported keys: comparison\_operator, evaluation\_periods, period, statistic, threshold, actions\_enabled, treat\_missing\_data | `map(any)` | `{}` | no | | [dlq\_message\_retention\_seconds](#input\_dlq\_message\_retention\_seconds) | The number of seconds Amazon SQS retains a message on the DLQ. Integer representing seconds, from 60 (1 minute) to 1209600 (14 days) | `number` | `1209600` | no | | [enable\_dlq\_alarm](#input\_enable\_dlq\_alarm) | Create a CloudWatch alarm when messages are visible in the DLQ | `bool` | `true` | no | | [enable\_queue\_oldest\_message\_alarm](#input\_enable\_queue\_oldest\_message\_alarm) | Create a CloudWatch alarm when the oldest visible message age breaches the configured threshold on the main queue | `bool` | `true` | no | @@ -30,7 +30,7 @@ | [message\_retention\_seconds](#input\_message\_retention\_seconds) | The number of seconds Amazon SQS retains a message. Integer representing seconds, from 60 (1 minute) to 1209600 (14 days) | `number` | `null` | no | | [name](#input\_name) | Name of the SQS Queue | `string` | n/a | yes | | [project](#input\_project) | The name of the tfscaffold project | `string` | n/a | yes | -| [queue\_oldest\_message\_alarm\_config](#input\_queue\_oldest\_message\_alarm\_config) | Map of optional CloudWatch alarm settings for the main queue oldest message age alarm. Supported keys: comparison\\_operator, evaluation\\_periods, period, statistic, threshold, actions\\_enabled, treat\\_missing\\_data | `map(any)` | `{}` | no | +| [queue\_oldest\_message\_alarm\_config](#input\_queue\_oldest\_message\_alarm\_config) | Map of optional CloudWatch alarm settings for the main queue oldest message age alarm. Supported keys: comparison\_operator, evaluation\_periods, period, statistic, threshold, actions\_enabled, treat\_missing\_data | `map(any)` | `{}` | no | | [region](#input\_region) | The AWS Region | `string` | n/a | yes | | [sqs\_kms\_key\_arn](#input\_sqs\_kms\_key\_arn) | ARN of the KMS key to encrypt SQS queue messages | `string` | n/a | yes | | [sqs\_policy\_overload](#input\_sqs\_policy\_overload) | Optional additional policy to extend the SQS Resource Policy | `string` | `""` | no | From 94497c5c8efcadef94f48a1ffb75c9bfbc3b3bae Mon Sep 17 00:00:00 2001 From: jamesthompson26-nhs Date: Thu, 7 May 2026 14:18:33 +0100 Subject: [PATCH 4/4] CCM-14783: Add SQS DLQ Alarm and Oldest Message Alarms --- .../terraform/modules/sqs/README.md | 4 +-- .../cloudwatch_metric_alarm_dlq_messages.tf | 14 +++++----- ...watch_metric_alarm_queue_oldest_message.tf | 14 +++++----- .../terraform/modules/sqs/variables.tf | 28 +++++++++++++++---- 4 files changed, 38 insertions(+), 22 deletions(-) diff --git a/infrastructure/terraform/modules/sqs/README.md b/infrastructure/terraform/modules/sqs/README.md index 7bb7bdd..61bb29c 100644 --- a/infrastructure/terraform/modules/sqs/README.md +++ b/infrastructure/terraform/modules/sqs/README.md @@ -18,7 +18,7 @@ | [create\_dlq](#input\_create\_dlq) | Create a DLQ | `bool` | `false` | no | | [default\_tags](#input\_default\_tags) | A map of default tags to apply to all taggable resources within the component | `map(string)` | `{}` | no | | [delay\_seconds](#input\_delay\_seconds) | Time in seconds that the delivery of all messages in the queue will be delayed. An integer from 0 to 900 (15 minutes). | `number` | `0` | no | -| [dlq\_alarm\_config](#input\_dlq\_alarm\_config) | Map of optional CloudWatch alarm settings for the DLQ messages alarm. Supported keys: comparison\_operator, evaluation\_periods, period, statistic, threshold, actions\_enabled, treat\_missing\_data | `map(any)` | `{}` | no | +| [dlq\_alarm\_config](#input\_dlq\_alarm\_config) | Object of optional CloudWatch alarm settings for the DLQ messages alarm | 
object({
    comparison_operator = optional(string, "GreaterThanThreshold")
    evaluation_periods  = optional(number, 1)
    period              = optional(number, 300)
    statistic           = optional(string, "Sum")
    threshold           = optional(number, 0)
    actions_enabled     = optional(bool, true)
    treat_missing_data  = optional(string, "notBreaching")
  })
| `{}` | no | | [dlq\_message\_retention\_seconds](#input\_dlq\_message\_retention\_seconds) | The number of seconds Amazon SQS retains a message on the DLQ. Integer representing seconds, from 60 (1 minute) to 1209600 (14 days) | `number` | `1209600` | no | | [enable\_dlq\_alarm](#input\_enable\_dlq\_alarm) | Create a CloudWatch alarm when messages are visible in the DLQ | `bool` | `true` | no | | [enable\_queue\_oldest\_message\_alarm](#input\_enable\_queue\_oldest\_message\_alarm) | Create a CloudWatch alarm when the oldest visible message age breaches the configured threshold on the main queue | `bool` | `true` | no | @@ -30,7 +30,7 @@ | [message\_retention\_seconds](#input\_message\_retention\_seconds) | The number of seconds Amazon SQS retains a message. Integer representing seconds, from 60 (1 minute) to 1209600 (14 days) | `number` | `null` | no | | [name](#input\_name) | Name of the SQS Queue | `string` | n/a | yes | | [project](#input\_project) | The name of the tfscaffold project | `string` | n/a | yes | -| [queue\_oldest\_message\_alarm\_config](#input\_queue\_oldest\_message\_alarm\_config) | Map of optional CloudWatch alarm settings for the main queue oldest message age alarm. Supported keys: comparison\_operator, evaluation\_periods, period, statistic, threshold, actions\_enabled, treat\_missing\_data | `map(any)` | `{}` | no | +| [queue\_oldest\_message\_alarm\_config](#input\_queue\_oldest\_message\_alarm\_config) | Object of optional CloudWatch alarm settings for the main queue oldest message age alarm | 
object({
    comparison_operator = optional(string, "GreaterThanThreshold")
    evaluation_periods  = optional(number, 1)
    period              = optional(number, 300)
    statistic           = optional(string, "Maximum")
    threshold           = optional(number, 300)
    actions_enabled     = optional(bool, true)
    treat_missing_data  = optional(string, "notBreaching")
  })
| `{}` | no | | [region](#input\_region) | The AWS Region | `string` | n/a | yes | | [sqs\_kms\_key\_arn](#input\_sqs\_kms\_key\_arn) | ARN of the KMS key to encrypt SQS queue messages | `string` | n/a | yes | | [sqs\_policy\_overload](#input\_sqs\_policy\_overload) | Optional additional policy to extend the SQS Resource Policy | `string` | `""` | no | diff --git a/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_dlq_messages.tf b/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_dlq_messages.tf index b58b85e..facee8a 100644 --- a/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_dlq_messages.tf +++ b/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_dlq_messages.tf @@ -3,15 +3,15 @@ resource "aws_cloudwatch_metric_alarm" "dlq_messages" { alarm_name = "${local.csi}-dlq-messages-alarm" alarm_description = "RELIABILITY: Alarm for messages in the DLQ" - comparison_operator = lookup(var.dlq_alarm_config, "comparison_operator", "GreaterThanThreshold") - evaluation_periods = lookup(var.dlq_alarm_config, "evaluation_periods", 1) + comparison_operator = var.dlq_alarm_config.comparison_operator + evaluation_periods = var.dlq_alarm_config.evaluation_periods metric_name = "ApproximateNumberOfMessagesVisible" namespace = "AWS/SQS" - period = lookup(var.dlq_alarm_config, "period", 300) - statistic = lookup(var.dlq_alarm_config, "statistic", "Sum") - threshold = lookup(var.dlq_alarm_config, "threshold", 0) - actions_enabled = lookup(var.dlq_alarm_config, "actions_enabled", true) - treat_missing_data = lookup(var.dlq_alarm_config, "treat_missing_data", "notBreaching") + period = var.dlq_alarm_config.period + statistic = var.dlq_alarm_config.statistic + threshold = var.dlq_alarm_config.threshold + actions_enabled = var.dlq_alarm_config.actions_enabled + treat_missing_data = var.dlq_alarm_config.treat_missing_data dimensions = { QueueName = aws_sqs_queue.deadletter_queue[0].name diff --git a/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_queue_oldest_message.tf b/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_queue_oldest_message.tf index 8cf0aba..c00b420 100644 --- a/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_queue_oldest_message.tf +++ b/infrastructure/terraform/modules/sqs/cloudwatch_metric_alarm_queue_oldest_message.tf @@ -3,15 +3,15 @@ resource "aws_cloudwatch_metric_alarm" "queue_oldest_message" { alarm_name = "${local.csi}-queue-oldest-message-alarm" alarm_description = "RELIABILITY: Alarm for old messages in the queue" - comparison_operator = lookup(var.queue_oldest_message_alarm_config, "comparison_operator", "GreaterThanThreshold") - evaluation_periods = lookup(var.queue_oldest_message_alarm_config, "evaluation_periods", 1) + comparison_operator = var.queue_oldest_message_alarm_config.comparison_operator + evaluation_periods = var.queue_oldest_message_alarm_config.evaluation_periods metric_name = "ApproximateAgeOfOldestMessage" namespace = "AWS/SQS" - period = lookup(var.queue_oldest_message_alarm_config, "period", 300) - statistic = lookup(var.queue_oldest_message_alarm_config, "statistic", "Maximum") - threshold = lookup(var.queue_oldest_message_alarm_config, "threshold", 300) - actions_enabled = lookup(var.queue_oldest_message_alarm_config, "actions_enabled", true) - treat_missing_data = lookup(var.queue_oldest_message_alarm_config, "treat_missing_data", "notBreaching") + period = var.queue_oldest_message_alarm_config.period + statistic = var.queue_oldest_message_alarm_config.statistic + threshold = var.queue_oldest_message_alarm_config.threshold + actions_enabled = var.queue_oldest_message_alarm_config.actions_enabled + treat_missing_data = var.queue_oldest_message_alarm_config.treat_missing_data dimensions = { QueueName = aws_sqs_queue.sqs_queue.name diff --git a/infrastructure/terraform/modules/sqs/variables.tf b/infrastructure/terraform/modules/sqs/variables.tf index 4a89fd4..8cfa8bc 100644 --- a/infrastructure/terraform/modules/sqs/variables.tf +++ b/infrastructure/terraform/modules/sqs/variables.tf @@ -124,9 +124,17 @@ variable "enable_dlq_alarm" { } variable "dlq_alarm_config" { - description = "Map of optional CloudWatch alarm settings for the DLQ messages alarm. Supported keys: comparison_operator, evaluation_periods, period, statistic, threshold, actions_enabled, treat_missing_data" - type = map(any) - default = {} + description = "Object of optional CloudWatch alarm settings for the DLQ messages alarm" + type = object({ + comparison_operator = optional(string, "GreaterThanThreshold") + evaluation_periods = optional(number, 1) + period = optional(number, 300) + statistic = optional(string, "Sum") + threshold = optional(number, 0) + actions_enabled = optional(bool, true) + treat_missing_data = optional(string, "notBreaching") + }) + default = {} } variable "enable_queue_oldest_message_alarm" { @@ -136,9 +144,17 @@ variable "enable_queue_oldest_message_alarm" { } variable "queue_oldest_message_alarm_config" { - description = "Map of optional CloudWatch alarm settings for the main queue oldest message age alarm. Supported keys: comparison_operator, evaluation_periods, period, statistic, threshold, actions_enabled, treat_missing_data" - type = map(any) - default = {} + description = "Object of optional CloudWatch alarm settings for the main queue oldest message age alarm" + type = object({ + comparison_operator = optional(string, "GreaterThanThreshold") + evaluation_periods = optional(number, 1) + period = optional(number, 300) + statistic = optional(string, "Maximum") + threshold = optional(number, 300) + actions_enabled = optional(bool, true) + treat_missing_data = optional(string, "notBreaching") + }) + default = {} } variable "max_receive_count" {