Skip to content

Update docs for setup, SQS, X-Ray, SNS#15

Merged
mcrundo merged 1 commit into
mainfrom
update-docs
Mar 23, 2026
Merged

Update docs for setup, SQS, X-Ray, SNS#15
mcrundo merged 1 commit into
mainfrom
update-docs

Conversation

@mcrundo
Copy link
Copy Markdown
Owner

@mcrundo mcrundo commented Mar 23, 2026

No description provided.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Mar 23, 2026

Terraform Plan 📖success

Show Plan 
aws_cloudwatch_log_group.handler: Refreshing state... [id=/aws/lambda/address-validation-handler-dev]
aws_apigatewayv2_api.this: Refreshing state... [id=py1sucuxvi]
aws_secretsmanager_secret.api_key: Refreshing state... [id=arn:aws:secretsmanager:us-east-2:023179631616:secret:address-validation/dev/api-key]
aws_cloudwatch_log_group.authorizer: Refreshing state... [id=/aws/lambda/address-validation-authorizer-dev]
aws_cloudwatch_log_group.api_gateway: Refreshing state... [id=/aws/apigateway/address-validation-dev]
data.aws_iam_policy_document.lambda_assume_role: Reading...
aws_secretsmanager_secret.google_maps_api_key: Refreshing state... [id=arn:aws:secretsmanager:us-east-2:023179631616:secret:address-validation/dev/google-maps-api-key]
aws_cloudwatch_log_group.health: Refreshing state... [id=/aws/lambda/address-validation-health-dev]
data.aws_iam_policy_document.lambda_assume_role: Read complete after 0s [id=2690255455]
aws_iam_role.lambda_exec: Refreshing state... [id=address-validation-lambda-dev]
data.aws_iam_policy_document.secrets_read: Reading...
data.aws_iam_policy_document.authorizer_secrets: Reading...
data.aws_iam_policy_document.secrets_read: Read complete after 0s [id=3213121637]
data.aws_iam_policy_document.authorizer_secrets: Read complete after 0s [id=2856189735]
data.aws_iam_policy_document.lambda_logs: Reading...
data.aws_iam_policy_document.lambda_logs: Read complete after 0s [id=543498868]
aws_apigatewayv2_stage.default: Refreshing state... [id=$default]
aws_iam_role_policy_attachment.xray: Refreshing state... [id=address-validation-lambda-dev-20260323021610749600000001]
aws_iam_role_policy.authorizer_secrets: Refreshing state... [id=address-validation-lambda-dev:authorizer-secrets-read]
aws_iam_role_policy.lambda_logs: Refreshing state... [id=address-validation-lambda-dev:cloudwatch-logs]
aws_iam_role_policy.secrets_read: Refreshing state... [id=address-validation-lambda-dev:secrets-read]
aws_lambda_function.handler: Refreshing state... [id=address-validation-handler-dev]
aws_lambda_function.health: Refreshing state... [id=address-validation-health-dev]
aws_lambda_function.authorizer: Refreshing state... [id=address-validation-authorizer-dev]
aws_lambda_permission.api_gateway_health: Refreshing state... [id=AllowAPIGatewayInvokeHealth]
aws_apigatewayv2_integration.health: Refreshing state... [id=6ktcygu]
aws_lambda_permission.api_gateway_handler: Refreshing state... [id=AllowAPIGatewayInvokeHandler]
aws_apigatewayv2_integration.handler: Refreshing state... [id=s8f1dfh]
aws_lambda_permission.authorizer_invoke: Refreshing state... [id=AllowAPIGatewayInvokeAuthorizer]
aws_apigatewayv2_authorizer.api_key: Refreshing state... [id=64l2kl]
aws_apigatewayv2_route.health: Refreshing state... [id=8s7aw6n]
aws_apigatewayv2_route.validate: Refreshing state... [id=n68uzib]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create
  ~ update in-place
 <= read (data resources)

Terraform will perform the following actions:

  # data.aws_iam_policy_document.dlq_send will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "dlq_send" {
      + id            = (known after apply)
      + json          = (known after apply)
      + minified_json = (known after apply)

      + statement {
          + actions   = [
              + "sqs:SendMessage",
            ]
          + resources = [
              + (known after apply),
            ]
        }
    }

  # aws_cloudwatch_metric_alarm.authorizer_errors will be created
  + resource "aws_cloudwatch_metric_alarm" "authorizer_errors" {
      + actions_enabled                       = true
      + alarm_description                     = "Authorizer Lambda error count > 3 in 5 minutes"
      + alarm_name                            = "address-validation-authorizer-errors-dev"
      + arn                                   = (known after apply)
      + comparison_operator                   = "GreaterThanThreshold"
      + dimensions                            = {
          + "FunctionName" = "address-validation-authorizer-dev"
        }
      + evaluate_low_sample_count_percentiles = (known after apply)
      + evaluation_periods                    = 1
      + id                                    = (known after apply)
      + metric_name                           = "Errors"
      + namespace                             = "AWS/Lambda"
      + period                                = 300
      + statistic                             = "Sum"
      + tags_all                              = (known after apply)
      + threshold                             = 3
      + treat_missing_data                    = "notBreaching"
    }

  # aws_cloudwatch_metric_alarm.dlq_depth will be created
  + resource "aws_cloudwatch_metric_alarm" "dlq_depth" {
      + actions_enabled                       = true
      + alarm_description                     = "Messages in the handler dead letter queue"
      + alarm_name                            = "address-validation-dlq-depth-dev"
      + arn                                   = (known after apply)
      + comparison_operator                   = "GreaterThanThreshold"
      + dimensions                            = {
          + "QueueName" = "address-validation-handler-dlq-dev"
        }
      + evaluate_low_sample_count_percentiles = (known after apply)
      + evaluation_periods                    = 1
      + id                                    = (known after apply)
      + metric_name                           = "ApproximateNumberOfMessagesVisible"
      + namespace                             = "AWS/SQS"
      + period                                = 300
      + statistic                             = "Sum"
      + tags_all                              = (known after apply)
      + threshold                             = 0
      + treat_missing_data                    = "notBreaching"
    }

  # aws_cloudwatch_metric_alarm.handler_duration will be created
  + resource "aws_cloudwatch_metric_alarm" "handler_duration" {
      + actions_enabled                       = true
      + alarm_description                     = "Handler Lambda p99 duration > 5 seconds"
      + alarm_name                            = "address-validation-handler-duration-dev"
      + arn                                   = (known after apply)
      + comparison_operator                   = "GreaterThanThreshold"
      + dimensions                            = {
          + "FunctionName" = "address-validation-handler-dev"
        }
      + evaluate_low_sample_count_percentiles = (known after apply)
      + evaluation_periods                    = 1
      + extended_statistic                    = "p99"
      + id                                    = (known after apply)
      + metric_name                           = "Duration"
      + namespace                             = "AWS/Lambda"
      + period                                = 300
      + tags_all                              = (known after apply)
      + threshold                             = 5000
      + treat_missing_data                    = "notBreaching"
    }

  # aws_cloudwatch_metric_alarm.handler_errors will be created
  + resource "aws_cloudwatch_metric_alarm" "handler_errors" {
      + actions_enabled                       = true
      + alarm_description                     = "Handler Lambda error count > 3 in 5 minutes"
      + alarm_name                            = "address-validation-handler-errors-dev"
      + arn                                   = (known after apply)
      + comparison_operator                   = "GreaterThanThreshold"
      + dimensions                            = {
          + "FunctionName" = "address-validation-handler-dev"
        }
      + evaluate_low_sample_count_percentiles = (known after apply)
      + evaluation_periods                    = 1
      + id                                    = (known after apply)
      + metric_name                           = "Errors"
      + namespace                             = "AWS/Lambda"
      + period                                = 300
      + statistic                             = "Sum"
      + tags_all                              = (known after apply)
      + threshold                             = 3
      + treat_missing_data                    = "notBreaching"
    }

  # aws_cloudwatch_metric_alarm.handler_throttles will be created
  + resource "aws_cloudwatch_metric_alarm" "handler_throttles" {
      + actions_enabled                       = true
      + alarm_description                     = "Handler Lambda is being throttled"
      + alarm_name                            = "address-validation-handler-throttles-dev"
      + arn                                   = (known after apply)
      + comparison_operator                   = "GreaterThanThreshold"
      + dimensions                            = {
          + "FunctionName" = "address-validation-handler-dev"
        }
      + evaluate_low_sample_count_percentiles = (known after apply)
      + evaluation_periods                    = 1
      + id                                    = (known after apply)
      + metric_name                           = "Throttles"
      + namespace                             = "AWS/Lambda"
      + period                                = 300
      + statistic                             = "Sum"
      + tags_all                              = (known after apply)
      + threshold                             = 0
      + treat_missing_data                    = "notBreaching"
    }

  # aws_iam_role_policy.dlq_send will be created
  + resource "aws_iam_role_policy" "dlq_send" {
      + id          = (known after apply)
      + name        = "dlq-send"
      + name_prefix = (known after apply)
      + policy      = (known after apply)
      + role        = "address-validation-lambda-dev"
    }

  # aws_lambda_function.authorizer will be updated in-place
  ~ resource "aws_lambda_function" "authorizer" {
        id                             = "address-validation-authorizer-dev"
      ~ last_modified                  = "2026-03-23T02:16:16.000+0000" -> (known after apply)
      ~ source_code_hash               = "qE9fjoZw/JhYInwjWSJNAcQ3bVFuwD7PQmZ+YgI+qc0=" -> "6F38nL7AlPcWOMc9VF3EjizBDTJC/SHqOwLpkZeDXSA="
        tags                           = {}
        # (21 unchanged attributes hidden)

        # (4 unchanged blocks hidden)
    }

  # aws_lambda_function.handler will be updated in-place
  ~ resource "aws_lambda_function" "handler" {
        id                             = "address-validation-handler-dev"
      ~ last_modified                  = "2026-03-23T02:15:18.000+0000" -> (known after apply)
      ~ source_code_hash               = "4NyQXxPe8H6cQmS5fQc8RLljseAz38XC5H7ZVb7pezs=" -> "6F38nL7AlPcWOMc9VF3EjizBDTJC/SHqOwLpkZeDXSA="
        tags                           = {}
        # (21 unchanged attributes hidden)

      + dead_letter_config {
          + target_arn = (known after apply)
        }

      ~ tracing_config {
          ~ mode = "PassThrough" -> "Active"
        }

        # (3 unchanged blocks hidden)
    }

  # aws_lambda_function.health will be updated in-place
  ~ resource "aws_lambda_function" "health" {
        id                             = "address-validation-health-dev"
      ~ last_modified                  = "2026-03-23T02:16:11.000+0000" -> (known after apply)
      ~ source_code_hash               = "qE9fjoZw/JhYInwjWSJNAcQ3bVFuwD7PQmZ+YgI+qc0=" -> "6F38nL7AlPcWOMc9VF3EjizBDTJC/SHqOwLpkZeDXSA="
        tags                           = {}
        # (21 unchanged attributes hidden)

        # (3 unchanged blocks hidden)
    }

  # aws_sqs_queue.handler_dlq will be created
  + resource "aws_sqs_queue" "handler_dlq" {
      + arn                               = (known after apply)
      + content_based_deduplication       = false
      + deduplication_scope               = (known after apply)
      + delay_seconds                     = 0
      + fifo_queue                        = false
      + fifo_throughput_limit             = (known after apply)
      + id                                = (known after apply)
      + kms_data_key_reuse_period_seconds = (known after apply)
      + max_message_size                  = 262144
      + message_retention_seconds         = 1209600
      + name                              = "address-validation-handler-dlq-dev"
      + name_prefix                       = (known after apply)
      + policy                            = (known after apply)
      + receive_wait_time_seconds         = 0
      + redrive_allow_policy              = (known after apply)
      + redrive_policy                    = (known after apply)
      + sqs_managed_sse_enabled           = (known after apply)
      + tags_all                          = (known after apply)
      + url                               = (known after apply)
      + visibility_timeout_seconds        = 30
    }

Plan: 7 to add, 3 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "tfplan"

Triggered by @mcrundo in commit 8f3f60a

@mcrundo mcrundo merged commit a453103 into main Mar 23, 2026
3 checks passed
@mcrundo mcrundo deleted the update-docs branch March 23, 2026 02:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mcrundo