SQS terraform example

sqs.tf

# SQS template file (templates/sqs.tf)
resource "aws_sqs_queue" "queue" {
  name                       = "tailor-${STAGE}-${S3_BUCKET_PREFIX}"
  visibility_timeout_seconds = "30"
  delay_seconds              = "0"
  max_message_size           = "262144"
  message_retention_seconds  = "345600"
  receive_wait_time_seconds  = "20"
  redrive_policy             = ""
}
resource "aws_iam_policy" "consumer_policy" {
  name = "tailor-${STAGE}-sqs-consumer-${S3_BUCKET_PREFIX}"
policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "sqs:GetQueueAttributes",
        "sqs:GetQueueUrl",
        "sqs:ReceiveMessage",
        "sqs:DeleteMessage*",
        "sqs:PurgeQueue",
        "sqs:ChangeMessageVisibility*"
      ],
      "Resource": [
        "${aws_sqs_queue.queue.arn}"
      ]
    }
  ]
}
EOF
}
resource "aws_iam_policy" "pusher_policy" {
  name = "tailor-${STAGE}-sqs-pusher-${S3_BUCKET_PREFIX}"
policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "sqs:GetQueueAttributes",
        "sqs:GetQueueUrl",
        "sqs:SendMessage*"
      ],
      "Resource": [
        "${aws_sqs_queue.queue.arn}"
      ]
    }
  ]
}
EOF
}
resource "aws_iam_role_policy_attachment" "sqs-attach-masters" {
    role = "${aws_iam_role.masters-${S3_BUCKET_PREFIX}.name}"
    policy_arn = "${aws_iam_policy.consumer_policy.arn}"
}
resource "aws_iam_role_policy_attachment" "sqs-attach-nodes" {
    role = "${aws_iam_role.nodes-${S3_BUCKET_PREFIX}.name}"
    policy_arn = "${aws_iam_policy.consumer_policy.arn}"
}
resource "aws_iam_user_policy_attachment" "sqs-attach-circleci" {
  user = "ci"
  policy_arn = "${aws_iam_policy.pusher_policy.arn}"
}
output "queue_url" {
  value = "${aws_sqs_queue.queue.url}"
}