Redrive allow policy in an aws_sqs_queue


I'm trying to set up two queues using Terraform with the resource 'aws_sqs_queue': one is the main queue and the other one is the dead letter queue. I see very clearly that from the main queue, to configure a dead letter queue, I just need to use something like

```hcl
  redrive_policy = jsonencode({
    deadLetterTargetArn = aws_sqs_queue.events_queue_dead_letter.arn
    maxReceiveCount     = 5
  })
```

Where I define the ARN of the dead letter queue and the max receive count. That's OK, but I'm not clear about how I should configure the dead letter queue to only allow messages from this main queue.

In the AWS console, in the queue edit/add form, there is a section called "Redrive allow policy - Optional" where you can configure which queues can use this one as a dead letter queue.

Here you can use Allow all, By queue or Deny all. How can I set up this config in the aws_sqs_queue resource in Terraform?


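Added example, not code from this thread: one way to express the console's "By queue" option in Terraform. It assumes an AWS provider version that includes the `aws_sqs_queue_redrive_allow_policy` resource; the queue names are hypothetical, and `events_queue_dead_letter` is taken from the question.

```hcl
# Dead letter queue. Declared without a redrive allow policy of its own
# so that it does not depend on the main queue.
resource "aws_sqs_queue" "events_queue_dead_letter" {
  name = "events-queue-dead-letter" # hypothetical name
}

# Main queue: after 5 failed receives a message moves to the DLQ.
resource "aws_sqs_queue" "events_queue" {
  name = "events-queue" # hypothetical name

  redrive_policy = jsonencode({
    deadLetterTargetArn = aws_sqs_queue.events_queue_dead_letter.arn
    maxReceiveCount     = 5
  })
}

# The allow policy is attached as a separate resource. Setting a byQueue
# policy inline on the DLQ would reference events_queue.arn while
# events_queue already references the DLQ ARN, which is a dependency cycle.
resource "aws_sqs_queue_redrive_allow_policy" "events_queue_dead_letter" {
  queue_url = aws_sqs_queue.events_queue_dead_letter.id

  redrive_allow_policy = jsonencode({
    # Console "By queue". The other console choices are "allowAll" and
    # "denyAll", which are set without sourceQueueArns.
    redrivePermission = "byQueue"
    # Only these source queues may name this queue as their DLQ
    # (SQS accepts up to 10 ARNs here).
    sourceQueueArns = [aws_sqs_queue.events_queue.arn]
  })
}
```

After `terraform apply`, the result can be checked by reading the `RedriveAllowPolicy` attribute of the dead letter queue with `aws sqs get-queue-attributes`.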
Hey there, did anyone reach out to you about this? I’m experiencing the same confusion

Nope, still waiting for a response.

Ran into this as well.

Doesn’t look like it’s covered in this module.

A tf plan on a manually added “Redrive allow policy” from the web console doesn’t do any diffs either.

```hcl
resource "aws_sqs_queue" "regular_queue" {
  name                       = "regular_queue"
  fifo_queue                 = false
  visibility_timeout_seconds = 300
  delay_seconds              = 5
  max_message_size           = 8192
  message_retention_seconds  = 86400
  receive_wait_time_seconds  = 15

  # Move messages to the dead letter queue after 3 failed receives.
  redrive_policy = <<DEADLETTER
{
  "deadLetterTargetArn" : "${aws_sqs_queue.deadletter_queue.arn}",
  "maxReceiveCount" : 3
}
DEADLETTER

  tags = merge(local.tags, map(
    "Name", "regular_queue"
  ))
}
```