如何解決為使用 for_each 創建的死信隊列添加 SQS 重新驅動策略時的錯誤消息

Question

我希望 terraform 將我的 SQS 管理事件與我的 DLQ 管理事件相關聯，並且我希望對 SQS 數據事件和 DLQ 數據事件做同樣的事情。當我在下面的代碼上運行應用程序時，我收到錯誤消息。請我需要一些幫助。

.tfvars

sqs_queue_names = ["CloudTrail_SQS_Management_Event", "CloudTrail_SQS_Data_Event"]

dead_queue_names = ["CloudTrail_DLQ_Management_Event", "CloudTrail_DLQ_Data_Event"]

variable.tf 

variable "sqs_queue_names"{
  description = "The name of different SQS to be created"
  type        = set(string)
}

variable "dead_queue_names"{
  description = "The name of different Dead Queues to be created"
  type        = set(string)
}

main.tf

resource "aws_sqs_queue" "CloudTrail_SQS"{

    for_each                   = var.sqs_queue_names
    name                       = each.value
    redrive_policy = jsonencode({
        deadLetterTargetArn    = values(aws_sqs_queue.CloudTrail_SQS_DLQ)[*].arn
        maxReceiveCount        = var.max_receive_count
    })

    tags = var.default_tags
    
}

resource "aws_sqs_queue" "CloudTrail_SQS_DLQ"{

    for_each                   = var.dead_queue_names
    name                       = each.value
   
    tags = var.default_tags
}

ERROR MESSAGES:
Error: error creating SQS Queue (CloudTrail_SQS_Management_Event): InvalidParameterValue: Value {"deadLetterTargetArn":["arn:aws:sqs:us-east-1:123456789012:CloudTrail_DLQ_Data_Event","arn:aws:sqs:us-east-1:123456789012:CloudTrail_DLQ_Management_Event"],"maxReceiveCount":10} for parameter RedrivePolicy is invalid. Reason: Invalid value for deadLetterTargetArn.
│       status code: 400, request id: 9663b896-d86f-569e-92e2-e17152c2db26
│ 
│   with aws_sqs_queue.CloudTrail_SQS["CloudTrail_SQS_Management_Event"],
│   on main.tf line 5, in resource "aws_sqs_queue" "CloudTrail_SQS":
│    5: resource "aws_sqs_queue" "CloudTrail_SQS"{
│ 
╵
╷
│ Error: error creating SQS Queue (CloudTrail_SQS_Data_Event): InvalidParameterValue: Value {"deadLetterTargetArn":["arn:aws:sqs:us-east-1:123456789012:CloudTrail_DLQ_Data_Event","arn:aws:sqs:us-east-1:123456789012:CloudTrail_DLQ_Management_Event"],"maxReceiveCount":10} for parameter RedrivePolicy is invalid. Reason: Invalid value for deadLetterTargetArn.
│       status code: 400, request id: 88b8e4c5-1d50-5559-92f8-bd2297fd231f
│ 
│   with aws_sqs_queue.CloudTrail_SQS["CloudTrail_SQS_Data_Event"],
│   on main.tf line 5, in resource "aws_sqs_queue" "CloudTrail_SQS":
│    5: resource "aws_sqs_queue" "CloudTrail_SQS"{

Answer 1

這里的問題是您沒有將死信隊列與相應的 SQS 隊列相關聯。 values(aws_sqs_queue.CloudTrail_SQS_DLQ)[*].arn - 這實質上傳遞了每個 SQS 隊列的每個死信隊列 ARN，它不會僅傳遞給正確的 ARN。

為了克服這個問題，我建議創建一個模塊，我們可以在其中將 SQS 隊列及其 DLQ 聯系在一起。 我們現在可以命名為my_sqs ：

my_sqs/variables.tf ：

variable "sqs_queue_name"{
  description = "The name of different SQS to be created"
  type        = string
}

variable "dead_queue_name"{
  description = "The name of different Dead Queues to be created"
  type        = string
}

variable "max_receive_count" {
    type = number
}

my_sqs/main.tf ：

resource "aws_sqs_queue" "sqs" {
  name  = var.sqs_queue_name

  redrive_policy = jsonencode({
    deadLetterTargetArn = aws_sqs_queue.dlq.arn
    maxReceiveCount     = var.max_receive_count
  })
}

resource "aws_sqs_queue" "dlq" {
  name  = var.dead_queue_name
}

現在我們可以像這樣使用這個模塊：

variables.tf ：

# Please not, we are tying the SQS and the DQL together here as well.
variable "queue_names" {
  default = [
    {
      sqs_name = "CloudTrail_SQS_Management_Event"
      dlq_name = "CloudTrail_DLQ_Management_Event"
    },
    {
      sqs_name = "CloudTrail_SQS_Data_Event"
      dlq_name = "CloudTrail_DLQ_Data_Event"
    }
  ]
}

從main.tf我們調用我們上面創建的模塊：

main.tf ：

module "my_sqs" {
  source = "./my_sqs"
  for_each = {
    for sqs, dlq in var.queue_names : sqs => dlq
  }
  sqs_queue_name    = each.value.sqs_name
  dead_queue_name   = each.value.dlq_name
  max_receive_count = 4
}

請注意，此示例可能適用於最新的 Terraform 版本。 它可能不適用於不支持在module上使用for_each的舊版本。