austoonz · January 23, 2024 22:35
diff --git a/SQS-SNS-Subscription b/SQS-SNS-Subscription
 ---
 AWSTemplateFormatVersion: '2010-09-09'

 Description: SQS Queue subscribed to an SNS Topic

 Parameters:

  SourceSNSTopicArn:
    Type: String
    Description: SNS Topic Arn to subscribe the SQS Queue to

 Metadata:

  AWS::CloudFormation::Interface:
    ParameterLabels:
      SourceSNSTopicArn:
        default: SNS Topic Arn

 Resources:

  SQSQueue:
    Type: AWS::SQS::Queue
    Properties:
      VisibilityTimeout: 180
      RedrivePolicy:
        deadLetterTargetArn: !GetAtt DeadLetterQueue.Arn
        maxReceiveCount: 3
      Tags:
        -
          Key: StackId
          Value: !Ref AWS::StackId

  SQSQueuePolicy:
    Type: AWS::SQS::QueuePolicy
    Properties:
      Queues:
        - !Ref SQSQueue
      PolicyDocument:
        Id: AllowIncomingAccess
        Statement:
          -
            Effect: Allow
            Principal:
              AWS:
                - !Ref AWS::AccountId
            Action:
              - sqs:SendMessage
              - sqs:ReceiveMessage
            Resource:
              - !GetAtt SQSQueue.Arn
          -
            Effect: Allow
            Principal: '*'
            Action:
              - sqs:SendMessage
            Resource:
              - !GetAtt SQSQueue.Arn
            Condition:
              ArnEquals:
                aws:SourceArn: !Ref SourceSNSTopicArn

  DeadLetterQueue:
    Type: AWS::SQS::Queue
    Properties:
      VisibilityTimeout: 160
      Tags:
        -
          Key: StackId
          Value: !Ref AWS::StackId

  SNSSubscription:
    Type: AWS::SNS::Subscription
    Properties:
      TopicArn: !Ref SourceSNSTopicArn
      Endpoint: !GetAtt SQSQueue.Arn
      Protocol: sqs
      RawMessageDelivery: true

  SQSQueueAgeOfOldestMessage:
    Type: AWS::CloudWatch::Alarm
    Properties:
      AlarmName: SQSQueue_AgeOfOldestMessage
      AlarmDescription: Alarms if the SQS Queue has messages in it for too long
      ComparisonOperator: GreaterThanThreshold
      Dimensions:
        - Name: QueueName
          Value: !GetAtt SQSQueue.QueueName
      DatapointsToAlarm: 2
      EvaluationPeriods: 3
      MetricName: ApproximateAgeOfOldestMessage
      Namespace: AWS/SQS
      Period: 300
      Statistic: Maximum
      Threshold: 30
      TreatMissingData: notBreaching
      Unit: Seconds

  DeadLetterQueueApproximateNumberOfMessagesVisible:
    Type: AWS::CloudWatch::Alarm
    Properties:
      AlarmName: DeadLetterQueue_ApproximateNumberOfMessagesVisible
      AlarmDescription: Alarms if the Dead Letter Queue has too many messages
      ComparisonOperator: GreaterThanOrEqualToThreshold
      Dimensions:
        - Name: QueueName
          Value: !GetAtt DeadLetterQueue.QueueName
      DatapointsToAlarm: 2
      EvaluationPeriods: 3
      MetricName: ApproximateNumberOfMessagesVisible
      Namespace: AWS/SQS
      Period: 300
      Statistic: Maximum
      Threshold: 1
      TreatMissingData: notBreaching

 Outputs:

  SQSQueueArn:
    Value: !GetAtt SQSQueue.Arn
	---
	AWSTemplateFormatVersion: '2010-09-09'

	Description: SQS Queue subscribed to an SNS Topic

	Parameters:

	SourceSNSTopicArn:
	Type: String
	Description: SNS Topic Arn to subscribe the SQS Queue to

	Metadata:

	AWS::CloudFormation::Interface:
	ParameterLabels:
	SourceSNSTopicArn:
	default: SNS Topic Arn

	Resources:

	SQSQueue:
	Type: AWS::SQS::Queue
	Properties:
	VisibilityTimeout: 180
	RedrivePolicy:
	deadLetterTargetArn: !GetAtt DeadLetterQueue.Arn
	maxReceiveCount: 3
	Tags:
	-
	Key: StackId
	Value: !Ref AWS::StackId

	SQSQueuePolicy:
	Type: AWS::SQS::QueuePolicy
	Properties:
	Queues:
	- !Ref SQSQueue
	PolicyDocument:
	Id: AllowIncomingAccess
	Statement:
	-
	Effect: Allow
	Principal:
	AWS:
	- !Ref AWS::AccountId
	Action:
	- sqs:SendMessage
	- sqs:ReceiveMessage
	Resource:
	- !GetAtt SQSQueue.Arn
	-
	Effect: Allow
	Principal: '*'
	Action:
	- sqs:SendMessage
	Resource:
	- !GetAtt SQSQueue.Arn
	Condition:
	ArnEquals:
	aws:SourceArn: !Ref SourceSNSTopicArn

	DeadLetterQueue:
	Type: AWS::SQS::Queue
	Properties:
	VisibilityTimeout: 160
	Tags:
	-
	Key: StackId
	Value: !Ref AWS::StackId

	SNSSubscription:
	Type: AWS::SNS::Subscription
	Properties:
	TopicArn: !Ref SourceSNSTopicArn
	Endpoint: !GetAtt SQSQueue.Arn
	Protocol: sqs
	RawMessageDelivery: true

	SQSQueueAgeOfOldestMessage:
	Type: AWS::CloudWatch::Alarm
	Properties:
	AlarmName: SQSQueue_AgeOfOldestMessage
	AlarmDescription: Alarms if the SQS Queue has messages in it for too long
	ComparisonOperator: GreaterThanThreshold
	Dimensions:
	- Name: QueueName
	Value: !GetAtt SQSQueue.QueueName
	DatapointsToAlarm: 2
	EvaluationPeriods: 3
	MetricName: ApproximateAgeOfOldestMessage
	Namespace: AWS/SQS
	Period: 300
	Statistic: Maximum
	Threshold: 30
	TreatMissingData: notBreaching
	Unit: Seconds

	DeadLetterQueueApproximateNumberOfMessagesVisible:
	Type: AWS::CloudWatch::Alarm
	Properties:
	AlarmName: DeadLetterQueue_ApproximateNumberOfMessagesVisible
	AlarmDescription: Alarms if the Dead Letter Queue has too many messages
	ComparisonOperator: GreaterThanOrEqualToThreshold
	Dimensions:
	- Name: QueueName
	Value: !GetAtt DeadLetterQueue.QueueName
	DatapointsToAlarm: 2
	EvaluationPeriods: 3
	MetricName: ApproximateNumberOfMessagesVisible
	Namespace: AWS/SQS
	Period: 300
	Statistic: Maximum
	Threshold: 1
	TreatMissingData: notBreaching

	Outputs:

	SQSQueueArn:
	Value: !GetAtt SQSQueue.Arn