From 30e89b92b6c7e34e4ace30cf2eeeeab2be119cc1 Mon Sep 17 00:00:00 2001 From: Melissa Greenbaum <69476188+magreenbaum@users.noreply.github.com> Date: Mon, 13 Nov 2023 11:04:16 -0500 Subject: [PATCH] feat!: Add `archive_policy` and `replay_policy` configurations and v5 upgrade (#50) Co-authored-by: magreenbaum --- README.md | 6 ++++-- examples/complete/README.md | 6 ++++-- examples/complete/main.tf | 15 +++++++++++++++ examples/complete/outputs.tf | 10 ++++++++++ examples/complete/versions.tf | 2 +- main.tf | 3 +++ outputs.tf | 5 +++++ variables.tf | 6 ++++++ versions.tf | 2 +- wrappers/main.tf | 1 + 10 files changed, 50 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 82e9734..e62aa8d 100644 --- a/README.md +++ b/README.md @@ -135,13 +135,13 @@ module "sns_topic" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 4.62 | +| [aws](#requirement\_aws) | >= 5.25 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.62 | +| [aws](#provider\_aws) | >= 5.25 | ## Modules @@ -163,6 +163,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [application\_feedback](#input\_application\_feedback) | Map of IAM role ARNs and sample rate for success and failure feedback | `map(string)` | `{}` | no | +| [archive\_policy](#input\_archive\_policy) | The message archive policy for FIFO topics. | `string` | `null` | no | | [content\_based\_deduplication](#input\_content\_based\_deduplication) | Boolean indicating whether or not to enable content-based deduplication for FIFO topics. | `bool` | `false` | no | | [create](#input\_create) | Determines whether resources will be created (affects all resources) | `bool` | `true` | no | | [create\_subscription](#input\_create\_subscription) | Determines whether an SNS subscription is created | `bool` | `true` | no | @@ -194,6 +195,7 @@ No modules. |------|-------------| | [subscriptions](#output\_subscriptions) | Map of subscriptions created and their attributes | | [topic\_arn](#output\_topic\_arn) | The ARN of the SNS topic, as a more obvious property (clone of id) | +| [topic\_beginning\_archive\_time](#output\_topic\_beginning\_archive\_time) | The oldest timestamp at which a FIFO topic subscriber can start a replay | | [topic\_id](#output\_topic\_id) | The ARN of the SNS topic | | [topic\_name](#output\_topic\_name) | The name of the topic | | [topic\_owner](#output\_topic\_owner) | The AWS Account ID of the SNS topic owner | diff --git a/examples/complete/README.md b/examples/complete/README.md index 9692aa6..3531c1b 100644 --- a/examples/complete/README.md +++ b/examples/complete/README.md @@ -23,13 +23,13 @@ Note that this example may create resources which cost money. Run `terraform des | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 4.40 | +| [aws](#requirement\_aws) | >= 5.25 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 4.40 | +| [aws](#provider\_aws) | >= 5.25 | ## Modules @@ -58,11 +58,13 @@ No inputs. |------|-------------| | [complete\_sns\_subscriptions](#output\_complete\_sns\_subscriptions) | Map of subscriptions created and their attributes | | [complete\_sns\_topic\_arn](#output\_complete\_sns\_topic\_arn) | The ARN of the SNS topic, as a more obvious property (clone of id) | +| [complete\_sns\_topic\_beginning\_archive\_time](#output\_complete\_sns\_topic\_beginning\_archive\_time) | The oldest timestamp at which a FIFO topic subscriber can start a replay | | [complete\_sns\_topic\_id](#output\_complete\_sns\_topic\_id) | The ARN of the SNS topic | | [complete\_sns\_topic\_name](#output\_complete\_sns\_topic\_name) | The name of the topic | | [complete\_sns\_topic\_owner](#output\_complete\_sns\_topic\_owner) | The AWS Account ID of the SNS topic owner | | [default\_sns\_subscriptions](#output\_default\_sns\_subscriptions) | Map of subscriptions created and their attributes | | [default\_sns\_topic\_arn](#output\_default\_sns\_topic\_arn) | The ARN of the SNS topic, as a more obvious property (clone of id) | +| [default\_sns\_topic\_beginning\_archive\_time](#output\_default\_sns\_topic\_beginning\_archive\_time) | The oldest timestamp at which a FIFO topic subscriber can start a replay | | [default\_sns\_topic\_id](#output\_default\_sns\_topic\_id) | The ARN of the SNS topic | | [default\_sns\_topic\_name](#output\_default\_sns\_topic\_name) | The name of the topic | | [default\_sns\_topic\_owner](#output\_default\_sns\_topic\_owner) | The AWS Account ID of the SNS topic owner | diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 9f6997b..b024b2d 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -82,6 +82,14 @@ module "complete_sns" { } }) + # # Example config for archive_policy for SNS FIFO message archiving + # # You can not delete a topic with an active message archive policy + # # You must first deactivate the topic before it can be deleted + # # https://docs.aws.amazon.com/sns/latest/dg/message-archiving-and-replay-topic-owner.html + # archive_policy = jsonencode({ + # "MessageRetentionPeriod": 30 + # }) + create_topic_policy = true enable_default_topic_policy = true topic_policy_statements = { @@ -116,6 +124,13 @@ module "complete_sns" { sqs = { protocol = "sqs" endpoint = module.sqs.queue_arn + + # # example of replay_policy for SNS FIFO message replay + # # https://docs.aws.amazon.com/sns/latest/dg/message-archiving-and-replay-subscriber.html + # replay_policy = jsonencode({ + # "PointType": "Timestamp" + # "StartingPoint": timestamp() + # }) } } diff --git a/examples/complete/outputs.tf b/examples/complete/outputs.tf index a756ba3..c086335 100644 --- a/examples/complete/outputs.tf +++ b/examples/complete/outputs.tf @@ -22,6 +22,11 @@ output "default_sns_topic_owner" { value = module.default_sns.topic_owner } +output "default_sns_topic_beginning_archive_time" { + description = "The oldest timestamp at which a FIFO topic subscriber can start a replay" + value = module.default_sns.topic_beginning_archive_time +} + output "default_sns_subscriptions" { description = "Map of subscriptions created and their attributes" value = module.default_sns.subscriptions @@ -51,6 +56,11 @@ output "complete_sns_topic_owner" { value = module.complete_sns.topic_owner } +output "complete_sns_topic_beginning_archive_time" { + description = "The oldest timestamp at which a FIFO topic subscriber can start a replay" + value = module.complete_sns.topic_beginning_archive_time +} + output "complete_sns_subscriptions" { description = "Map of subscriptions created and their attributes" value = module.complete_sns.subscriptions diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf index fa875db..2c1a62c 100644 --- a/examples/complete/versions.tf +++ b/examples/complete/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.40" + version = ">= 5.25" } } } diff --git a/main.tf b/main.tf index a589ece..0b0fe6c 100644 --- a/main.tf +++ b/main.tf @@ -41,6 +41,8 @@ resource "aws_sns_topic" "this" { sqs_success_feedback_role_arn = try(var.sqs_feedback.success_role_arn, null) sqs_success_feedback_sample_rate = try(var.sqs_feedback.success_sample_rate, null) + archive_policy = try(var.archive_policy, null) + tags = var.tags } @@ -151,6 +153,7 @@ resource "aws_sns_topic_subscription" "this" { protocol = each.value.protocol raw_message_delivery = try(each.value.raw_message_delivery, null) redrive_policy = try(each.value.redrive_policy, null) + replay_policy = try(each.value.replay_policy, null) subscription_role_arn = try(each.value.subscription_role_arn, null) topic_arn = aws_sns_topic.this[0].arn } diff --git a/outputs.tf b/outputs.tf index c7065c4..e564477 100644 --- a/outputs.tf +++ b/outputs.tf @@ -22,6 +22,11 @@ output "topic_owner" { value = try(aws_sns_topic.this[0].owner, null) } +output "topic_beginning_archive_time" { + description = "The oldest timestamp at which a FIFO topic subscriber can start a replay" + value = try(aws_sns_topic.this[0].beginning_archive_time, null) +} + ################################################################################ # Subscription(s) ################################################################################ diff --git a/variables.tf b/variables.tf index ca5460d..64240e1 100644 --- a/variables.tf +++ b/variables.tf @@ -134,6 +134,12 @@ variable "tracing_config" { default = null } +variable "archive_policy" { + description = "The message archive policy for FIFO topics." + type = string + default = null +} + ################################################################################ # Topic Policy ################################################################################ diff --git a/versions.tf b/versions.tf index 2884bdd..2c1a62c 100644 --- a/versions.tf +++ b/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.62" + version = ">= 5.25" } } } diff --git a/wrappers/main.tf b/wrappers/main.tf index 448c9eb..e032231 100644 --- a/wrappers/main.tf +++ b/wrappers/main.tf @@ -20,6 +20,7 @@ module "wrapper" { sqs_feedback = try(each.value.sqs_feedback, var.defaults.sqs_feedback, {}) signature_version = try(each.value.signature_version, var.defaults.signature_version, null) tracing_config = try(each.value.tracing_config, var.defaults.tracing_config, null) + archive_policy = try(each.value.archive_policy, var.defaults.archive_policy, null) create_topic_policy = try(each.value.create_topic_policy, var.defaults.create_topic_policy, true) source_topic_policy_documents = try(each.value.source_topic_policy_documents, var.defaults.source_topic_policy_documents, []) override_topic_policy_documents = try(each.value.override_topic_policy_documents, var.defaults.override_topic_policy_documents, [])