Merge pull request #54 from tenable/fixjoinawscolon

Added test case of aws::* string in ref which causes scan to fail
tenable · Dec 18, 2023 · 3feb0bf · 3feb0bf
2 parents 1724a25 + 14da14b
commit 3feb0bf
Showing 1 changed file with 21 additions and 0 deletions.
diff --git a/cft/sqs/policy/deploy.yml b/cft/sqs/policy/deploy.yml
@@ -17,3 +17,24 @@ Resources:
             - "SQS:ReceiveMessage"
           Effect: "Allow"
           Principal: "*"
+
+  AlarmNumMessagesExceedsThreshold:
+    Type: AWS::CloudWatch::Alarm
+    DependsOn: SQSQueueProduct
+    Properties:
+      AlarmName: !Join [ "-", [ "sqs", !Ref QueueName, "num-exceeded" ] ]
+      AlarmDescription: 'CloudWatch Alarm'
+      AlarmActions: 
+        - !Join [ ":", [ "arn:aws:sns", !Ref AWS::Region, !Ref AWS::AccountId , "Direct-Customer-Alerts"  ] ]
+      Namespace: AWS/SQS
+      MetricName: ApproximateNumberOfMessages
+      Dimensions:
+        - Name: "QueueName"
+          Value: !Ref QueueName
+      ComparisonOperator: GreaterThanOrEqualToThreshold
+      EvaluationPeriods: 2    
+      Period: 300              
+      Statistic: SampleCount   
+      Threshold: !Ref AlarmNumMessageReceivedThreshold  # Desired threshold of approx. number of messages received
+
+