Standard Queue (sqs)
Standard Queue + DLQ
code:hcl(rb)
# DLQ(失敗メッセージの避難先)
resource "aws_sqs_queue" "orders_dlq" {
name = "orders-dlq"
message_retention_seconds = 1209600 # 14 days
sqs_managed_sse_enabled = true
}
# 本番キュー(Standard)
resource "aws_sqs_queue" "orders" {
name = "orders"
visibility_timeout_seconds = 60 # 処理にかかる想定時間に合わせる
receive_wait_time_seconds = 20 # Long Polling
message_retention_seconds = 345600 # 4 days
sqs_managed_sse_enabled = true
# 失敗を DLQ に逃がす
redrive_policy = jsonencode({
deadLetterTargetArn = aws_sqs_queue.orders_dlq.arn
maxReceiveCount = 5 # 5回失敗したら DLQ へ
})
}
# 例:特定の IAM ロールからの Send/Receive を許可するポリシー(任意)
data "aws_iam_policy_document" "orders_policy" {
statement {
sid = "AllowFromAppRole"
effect = "Allow"
actions = "sqs:SendMessage", "sqs:ReceiveMessage", "sqs:DeleteMessage", "sqs:GetQueueAttributes"
principals {
type = "AWS"
identifiers = "arn:aws:iam::123456789012:role/app-svc-role"
}
resources = aws_sqs_queue.orders.arn
}
}
resource "aws_sqs_queue_policy" "orders" {
queue_url = aws_sqs_queue.orders.id
policy = data.aws_iam_policy_document.orders_policy.json
}
resource "aws_sqs_queue"
resource "aws_sqs_queue_policy"