From e6a608881545ad9b9881b909649fd8abd96e4717 Mon Sep 17 00:00:00 2001
From: Phil Snyder
Date: Wed, 23 Mar 2022 12:24:10 -0700
Subject: [PATCH 1/3] Add SQS queue and policy template
---
templates/sqs-queue.yaml | 72 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 72 insertions(+)
create mode 100644 templates/sqs-queue.yaml
diff --git a/templates/sqs-queue.yaml b/templates/sqs-queue.yaml
new file mode 100644
index 0000000..a9cdf31
--- /dev/null
+++ b/templates/sqs-queue.yaml
@@ -0,0 +1,72 @@
+AWSTemplateFormatVersion: '2010-09-09'
+
+Description: >
+ Creates an SQS queue and corresponding dead-letter queue and
+ subscribes that queue to an SNS topic
+
+Parameters:
+
+ PrimaryQueueName:
+ Type: String
+ Description: Name of the SQS queue
+
+ DeadLetterQueueName:
+ Type: String
+ Description: Name of the corresponding dead-letter SQS queue
+
+Resources:
+
+ PrimaryQueue:
+ Type: AWS::SQS::Queue
+ Properties:
+ DelaySeconds: 0
+ MessageRetentionPeriod: 86400
+ QueueName: !Ref PrimaryQueueName
+ ReceiveMessageWaitTimeSeconds: 20
+ RedrivePolicy:
+ deadLetterTargetArn: !GetAtt DeadLetterQueue.Arn
+ maxReceiveCount: 3
+ VisibilityTimeout: 120
+
+ PrimaryQueuePolicy:
+ Type: AWS::SQS::QueuePolicy
+ Properties:
+ PolicyDocument:
+ Version: '2012-10-17'
+ Statement:
+ - Sid: Admin
+ Effect: Allow
+ Principal:
+ AWS: !Sub '${AWS::AccountId}'
+ Action:
+ - SQS:*
+ Resource: !Ref PrimaryQueue
+ Queues:
+ - !Ref PrimaryQueue
+
+ DeadLetterQueue:
+ Type: AWS::SQS::Queue
+ Properties:
+ DelaySeconds: 0
+ MessageRetentionPeriod: 1209600
+ QueueName: !Ref DeadLetterQueueName
+ ReceiveMessageWaitTimeSeconds: 10
+ RedriveAllowPolicy:
+ redrivePermission: 'allowAll'
+ VisibilityTimeout: 30
+
+ DeadLetterQueuePolicy:
+ Type: AWS::SQS::QueuePolicy
+ Properties:
+ PolicyDocument:
+ Version: '2012-10-17'
+ Statement:
+ - Sid: Admin
+ Effect: Allow
+ Principal:
+ AWS: !Sub '${AWS::AccountId}'
+ Action:
+ - SQS:*
+ Resource: !Ref DeadLetterQueue
+ Queues:
+ - !Ref DeadLetterQueue
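Review bot: `redrivePermission: 'allowAll'` on DeadLetterQueue lets any queue in the account use it as a dead-letter target, although only PrimaryQueue needs to. Scoping it with `redrivePermission: byQueue` plus `sourceQueueArns` cannot simply use `!GetAtt PrimaryQueue.Arn`, because PrimaryQueue already depends on `DeadLetterQueue.Arn` and CloudFormation would reject the cycle; the source ARN can instead be composed from the known name, `- !Sub 'arn:${AWS::Partition}:sqs:${AWS::Region}:${AWS::AccountId}:${PrimaryQueueName}'`. Neither queue sets `SqsManagedSseEnabled` or `KmsMasterKeyId`, so whether messages are encrypted at rest depends on the service default at creation time; worth making explicit if the payloads carry anything sensitive. The two `Admin` statements grant `SQS:*` to the account principal, which only delegates to IAM within the account, so they are broad but not an external exposure.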
From edf186260176180a556b33a24ae352aecd4cc0c7 Mon Sep 17 00:00:00 2001
From: Phil Snyder
Date: Wed, 23 Mar 2022 15:14:41 -0700
Subject: [PATCH 2/3] Add sqs-queue config
---
.pre-commit-config.yaml | 6 +++---
config/develop/sqs-queue.yaml | 7 +++++++
2 files changed, 10 insertions(+), 3 deletions(-)
create mode 100644 config/develop/sqs-queue.yaml
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 58966ac..554ad54 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
 - repo: https://github.com/pre-commit/pre-commit-hooks
- rev: v4.0.1
+ rev: v4.1.0
 hooks:
 - id: end-of-file-fixer
 - id: trailing-whitespace
@@ -9,12 +9,12 @@ repos:
 hooks:
 - id: yamllint
 - repo: https://github.com/awslabs/cfn-python-lint
- rev: v0.54.0
+ rev: v0.58.4
 hooks:
 - id: cfn-python-lint
 files: templates/.*\.(json|yml|yaml)$
 - repo: https://github.com/Lucas-C/pre-commit-hooks
- rev: v1.1.10
+ rev: v1.1.13
 hooks:
 - id: remove-tabs
 # - repo: https://github.com/pycqa/pylint
diff --git a/config/develop/sqs-queue.yaml b/config/develop/sqs-queue.yaml
new file mode 100644
index 0000000..3dfe56e
--- /dev/null
+++ b/config/develop/sqs-queue.yaml
@@ -0,0 +1,7 @@
+template_path: sqs-queue.yaml
+stack_name: sqsqueue
+parameters:
+ PrimaryQueueName: my_queue
+ DeadLetterQueueName: my_dead_letter_queue
+stack_tags:
+ {{ stack_group_config.default_stack_tags }}
From eb230b5fb4daa252dc7cde80dfa9008c15758fec Mon Sep 17 00:00:00 2001
From: Phil Snyder
Date: Fri, 25 Mar 2022 15:16:39 -0700
Subject: [PATCH 3/3] Namespace SQS queues and add SNS resources to SQS template
---
config/develop/namespaced/sqs-queue.yaml | 4 +++
config/develop/sqs-queue.yaml | 7 -----
templates/sqs-queue.yaml | 35 ++++++++++++++++--------
3 files changed, 27 insertions(+), 19 deletions(-)
create mode 100644 config/develop/namespaced/sqs-queue.yaml
delete mode 100644 config/develop/sqs-queue.yaml
diff --git a/config/develop/namespaced/sqs-queue.yaml b/config/develop/namespaced/sqs-queue.yaml
new file mode 100644
index 0000000..01a4a4e
--- /dev/null
+++ b/config/develop/namespaced/sqs-queue.yaml
@@ -0,0 +1,4 @@
+template_path: sqs-queue.yaml
+stack_name: '{{ stack_group_config.namespace }}-sqs-SNSToLambda'
+stack_tags:
+ {{ stack_group_config.default_stack_tags }}
diff --git a/config/develop/sqs-queue.yaml b/config/develop/sqs-queue.yaml
deleted file mode 100644
index 3dfe56e..0000000
--- a/config/develop/sqs-queue.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-template_path: sqs-queue.yaml
-stack_name: sqsqueue
-parameters:
- PrimaryQueueName: my_queue
- DeadLetterQueueName: my_dead_letter_queue
-stack_tags:
- {{ stack_group_config.default_stack_tags }}
diff --git a/templates/sqs-queue.yaml b/templates/sqs-queue.yaml
index a9cdf31..b32a48d 100644
--- a/templates/sqs-queue.yaml
+++ b/templates/sqs-queue.yaml
@@ -4,16 +4,6 @@ Description: >
 Creates an SQS queue and corresponding dead-letter queue and
 subscribes that queue to an SNS topic
-Parameters:
-
- PrimaryQueueName:
- Type: String
- Description: Name of the SQS queue
-
- DeadLetterQueueName:
- Type: String
- Description: Name of the corresponding dead-letter SQS queue
-
 Resources:
 PrimaryQueue:
@@ -21,7 +11,7 @@ Resources:
 Properties:
 DelaySeconds: 0
 MessageRetentionPeriod: 86400
- QueueName: !Ref PrimaryQueueName
+ QueueName: !Sub '${AWS::StackName}-Queue'
 ReceiveMessageWaitTimeSeconds: 20
 RedrivePolicy:
 deadLetterTargetArn: !GetAtt DeadLetterQueue.Arn
@@ -41,6 +31,17 @@ Resources:
 Action:
 - SQS:*
 Resource: !Ref PrimaryQueue
+ - Sid: SNS
+ Effect: Allow
+ Principal:
+ AWS: '*'
+ Action:
+ - SQS:SendMessage
+ Resource: !Ref PrimaryQueue
+ Condition:
+ ArnEquals:
+ 'aws:SourceArn': !Ref SnsTopic
+
 Queues:
 - !Ref PrimaryQueue
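Review bot: The new `stack_name` ends in `-sqs-SNSToLambda`, but the template this config deploys defines an SNS topic, two SQS queues and a subscription, with no Lambda resource or reference; if the Lambda consumer lives in another stack, a comment naming it would stop the next reader from looking for it here, e.g. `# Queue feeds the Lambda consumer deployed by <other stack config>`. The bare `{{ stack_group_config.default_stack_tags }}` under `stack_tags` only works because the config is rendered as a template before being parsed as YAML, which appears to be the convention in this directory.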
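Review bot: `QueueName: !Sub '${AWS::StackName}-Queue'` inherits the stack name's length, and SQS queue names are limited to 80 characters, while the namespaced stack name from the new config is already `{{ stack_group_config.namespace }}-sqs-SNSToLambda`; a long namespace would make stack creation fail at this resource rather than at validation. The same applies to `${AWS::StackName}-DeadLetterQueue` in the `@@ -49,7 +50,7 @@` hunk of this file. Either drop the explicit `QueueName` and let CloudFormation generate one, or document the constraint above the property, e.g. `# SQS queue names are limited to 80 characters; keep namespace and stack name short`. The enclosing PrimaryQueue resource starts outside the hunk.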
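Review bot: `Principal: AWS: '*'` in the new `SNS` statement is wider than the grant needs; SNS delivers to SQS as a service principal, so `Principal: Service: sns.amazonaws.com` combined with the existing `'aws:SourceArn': !Ref SnsTopic` condition limits the `SQS:SendMessage` grant to the SNS service acting for that topic, instead of any principal able to satisfy the condition. The `ArnEquals` condition already pins the topic, so this is hardening rather than a fix for an open queue. A one-line `# SNS delivery from SnsTopic only; see Condition` above the statement would also help, since the `Admin` statement above it is the only other context. The enclosing PrimaryQueuePolicy resource starts outside the hunk.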
@@ -49,7 +50,7 @@ Resources:
 Properties:
 DelaySeconds: 0
 MessageRetentionPeriod: 1209600
- QueueName: !Ref DeadLetterQueueName
+ QueueName: !Sub '${AWS::StackName}-DeadLetterQueue'
 ReceiveMessageWaitTimeSeconds: 10
 RedriveAllowPolicy:
 redrivePermission: 'allowAll'
@@ -70,3 +71,13 @@ Resources:
 Resource: !Ref DeadLetterQueue
 Queues:
 - !Ref DeadLetterQueue
+
+ SnsTopic:
+ Type: AWS::SNS::Topic
+
+ SnsSubscription:
+ Type: AWS::SNS::Subscription
+ Properties:
+ Protocol: sqs
+ TopicArn: !Ref SnsTopic
+ Endpoint: !GetAtt PrimaryQueue.Arn
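Review bot: `SnsTopic` is created with no properties and nothing in the template exposes its ARN, so whatever is meant to publish to it has no way to reference the topic short of looking up the generated name; an `Outputs` entry such as `SnsTopicArn:` / `Value: !Ref SnsTopic` (with an `Export` if another stack publishes) would make the wiring usable. The topic also sets no `KmsMasterKeyId`, so messages are unencrypted at rest on the SNS side whatever the queues do. `SnsSubscription` leaves `RawMessageDelivery` at its default, so the queue receives the SNS JSON envelope rather than the bare message — fine if the consumer expects that, but worth a comment, e.g. `# Consumer receives the SNS envelope; set RawMessageDelivery: true for the bare payload`. The `Resources` mapping these are appended to starts outside the hunk.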