From accc566633d25215af2474d04226720559c23dcb Mon Sep 17 00:00:00 2001
From: badra001 <donald.e.badrak.ii@census.gov>
Date: Fri, 26 Nov 2021 09:28:59 -0500
Subject: [PATCH] change retention

---
 cloudtrail/sqs.tf  | 18 ++++++++++--------
 common/defaults.tf |  6 ++++++
 2 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/cloudtrail/sqs.tf b/cloudtrail/sqs.tf
index 67a3525..9593422 100644
--- a/cloudtrail/sqs.tf
+++ b/cloudtrail/sqs.tf
@@ -1,10 +1,11 @@
 resource "aws_sqs_queue" "cloudtrail_deadletter" {
   count = var.enable_sqs ? 1 : 0
   # delay=0 retention=4d max=256k visibility=1h
-  name                       = format("%v-deadletter", local.name)
-  delay_seconds              = 0
-  max_message_size           = 262144
-  message_retention_seconds  = 345600
+  name                      = format("%v-deadletter", local.name)
+  delay_seconds             = 0
+  max_message_size          = 262144
+  message_retention_seconds = lookup(locals._defaults["sqs_deadletter"], "message_retention_seconds", 1 * 86400)
+  #  message_retention_seconds  = 345600
   receive_wait_time_seconds  = 15
   visibility_timeout_seconds = 3600
 
@@ -46,10 +47,11 @@ data "aws_iam_policy_document" "cloudtrail_deadletter" {
 resource "aws_sqs_queue" "cloudtrail" {
   count = var.enable_sqs ? 1 : 0
   # delay=0 retention=7d max=256k visibity=2h
-  name                       = local.name
-  delay_seconds              = 0
-  max_message_size           = 262144
-  message_retention_seconds  = 604800
+  name                      = local.name
+  delay_seconds             = 0
+  max_message_size          = 262144
+  message_retention_seconds = lookup(locals._defaults["sqs_deadletter"], "message_retention_seconds", 7 * 86400)
+  #  message_retention_seconds  = 604800
   receive_wait_time_seconds  = 15
   visibility_timeout_seconds = 7200
 
diff --git a/common/defaults.tf b/common/defaults.tf
index 2d08c8d..6a1f087 100644
--- a/common/defaults.tf
+++ b/common/defaults.tf
@@ -29,6 +29,12 @@ locals {
     "cloudwatch" = {
       "retention_in_days" = 14
     }
+    "sqs" = {
+      "message_retention_seconds" = 14 * 86400
+    }
+    "sqs_deadletter" = {
+      "message_retention_seconds" = 7 * 86400
+    }
     "splunk_description" = {
       "api_list" = [
         "ec2_volumes", "ec2_instances", "ec2_reserved_instances", "ec2_key_pairs", "ec2_security_groups", "ec2_images", "ec2_addresses",