How to create an SQS queue on AWS using Terraform
In this article, we will create an SQS queue using Terraform in "region = eu-west-3". We will also add a policy that will allow all to send messages to the queue. Before we proceed with the article, it is assumed that you already have a basic understanding of SQS and Terraform as well.
After you create an SQS queue, click here if you want to learn to create a subscription between SQS and SNS as it is not in the scope of this article.
In this article, we will create a standard queue. Click here if you want to know more about arguments and properties available in Terraform for SQS. You can use those properties to customize the SQS queue.
Pre-requisites
- Basic understanding of Terraform.
- Terraform installed on your system.
- AWS Account (Create if you don’t have one).
- 'access_key' & 'secret_key' of an AWS IAM User with the required permissions to perform SQS create and delete operations. (Click here to learn to create an IAM user with 'access_key' & 'secret_key' on AWS, )
What we will do
- Write Terraform configuration files for SQS Queue.
- Create an SQS Queue using the Terraform configuration files.
- Delete the created SQS Queue using Terraform.
Write Terraform configuration files for SQS Queue
Let's create a file "main.tf" that will contain the resource definition mentioned below. This will create an SQS in "region = eu-west-3", but if you want to create a queue in another region then you can change its value.
You will find the code on my Github repo on the following link.
Github Link: https://github.com/shivalkarrahul/DevOps/blob/master/aws/terraform/create-sqs-queue/main.tf
File: main.tf
provider "aws" { access_key = "${var.access_key}" secret_key = "${var.secret_key}" region = "eu-west-3" } resource "aws_sqs_queue" "my_first_sqs" { name = var.sqs_name } resource "aws_sqs_queue_policy" "my_sqs_policy" { queue_url = aws_sqs_queue.my_first_sqs.id policy = <<POLICY { "Version": "2012-10-17", "Id": "sqspolicy", "Statement": [ { "Sid": "First", "Effect": "Allow", "Principal": "*", "Action": "sqs:SendMessage", "Resource": "${aws_sqs_queue.my_first_sqs.arn}" } ] } POLICY }
Here,
- name: Value is defined in variables.tf.
- queue_url: Id is retrieved from my_first_sqs queue
Get your AWS IAM user access and secret key and add them to the file "terraform.tfvars". This IAM user must have sufficient permissions on SQS.
Github Link: https://github.com/shivalkarrahul/DevOps/blob/master/aws/terraform/create-sqs-queue/terraform.tfvars
File: terraform.tfvars
access_key = "<your-aws-access-here>"
secret_key = "<your-aws-secret-here>"
Now, create a file "variables.tf" to define variables so that we do not need to hardcode anything in our "main.tf" file. If you want to use some other name for the queue, you can change the "sqs_name" variable.
Github Link: https://github.com/shivalkarrahul/DevOps/blob/master/aws/terraform/create-sqs-queue/variables.tf
File: variables.tf
variable "access_key" { description = "Access key of AWS IAM User with the required permissions for SQS Queue creation and deletion" } variable "secret_key" { description = "Secret key of AWS IAM user with the required permissions for SQS Queue creation and deletion" } variable "sqs_name" { description = "Name of the sqs queue to be created. You can assign any unique name for the Queue" default = "my-first-sqs" }
Here,
- sqs_name: We have specified the default value as my-first-sqs. You can change this and assign a different name to the queue to be created.
Create an SQS Queue using the Terraform configuration files.
Once you have main.tf, terraform.tfvars, and variables.tf you are set to create an SQS queue using Terraform.
The following is the first command to initialize a working directory containing Terraform configuration files.
terraform init
The next command is as follows to create an execution plan. Here, you can come to know what all changes will take place.
terraform plan
Now you are ready to apply the changes required to reach the desired state of the configuration using the following command. This will create an SQS queue in your AWS account under the specified region along with the policy attached to it.
terraform apply
Let's go to the AWS SQS console to check the SQS we just created.
Delete the created SQS Queue using Terraform.
When you no longer need the SQS queue you created and what to delete it, there is no need to go to the AWS console and delete it from there. Instead, you can delete it using the following command very easily. The following command will delete the SQS queue after you confirm the deletion. Once the Queue is deleted, it can not be restored, so be very careful while performing the delete operation.
terraform destroy
Conclusion
In this article, we created an SQS queue with the policy attached to it. We saved our variables in a separate file "variables.tf" so that we don't have to hardcode anything in our main.tf. We saw how easily the resource can be deleted using a single command in Terraform.