[DEV-2072] Use the ddb streams event id as SQS message group id (#1282)

* feat: add ecs variables for active campaign

* fix: use ddb stream as sqs fifo dedup id

* fix: conflict on cms ecs

* chore: changeset added

* feat: added alarms

* chore: ran terraform fmt

* fix: alarms thresholds

.changeset/gorgeous-ghosts-float.md

@@ -0,0 +1,5 @@
+---
+"infrastructure": patch
+---
+
+Use the ddb stream event id as message group id in sqs

apps/infrastructure/src/modules/active_campaign/cloudwatch_metrics_alarms.tf

@@ -0,0 +1,66 @@
+# CloudWatch Metrics and Alarms for Active Campaign Sync Resources
+
+resource "aws_cloudwatch_metric_alarm" "pipe_failed" {
+  alarm_name          = "${local.prefix}-webinar-subs-pipe-errors"
+  comparison_operator = "GreaterThanOrEqualToThreshold"
+  evaluation_periods  = 1
+  period              = 60
+  statistic           = "Sum"
+  threshold           = 1
+  metric_name         = "ExecutionFailed"
+  namespace           = "AWS/EventBridge/Pipes"
+  dimensions = {
+    PipeName = aws_pipes_pipe.dynamodb_to_sqs.name
+  }
+  alarm_description         = "This metric monitors the webinar subscriptions eventbridge pipe failures"
+  insufficient_data_actions = []
+  alarm_actions             = [aws_sns_topic.alerts.arn]
+}
+
+resource "aws_cloudwatch_metric_alarm" "dlq" {
+  alarm_name          = "${local.prefix}-sqs-messages-in-dlq"
+  comparison_operator = "GreaterThanOrEqualToThreshold"
+  evaluation_periods  = 1
+  period              = 60
+  statistic           = "Sum"
+  threshold           = 1
+  metric_name         = "ApproximateNumberOfMessagesVisible"
+  namespace           = "AWS/SQS"
+  dimensions = {
+    QueueName = aws_sqs_queue.fifo_dlq_queue.name
+  }
+  alarm_description         = "This metric monitors messages put in the dead letter queue"
+  insufficient_data_actions = []
+  alarm_actions             = [aws_sns_topic.alerts.arn]
+}
+
+# SNS Topic for Alarms
+resource "aws_sns_topic" "alerts" {
+  name = "${local.prefix}-cloudwatch-alarms"
+}
+
+resource "aws_sns_topic_policy" "alerts" {
+  arn = aws_sns_topic.alerts.arn
+  policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Sid    = "AllowCloudWatchAlarms"
+        Effect = "Allow"
+        Principal = {
+          Service = "cloudwatch.amazonaws.com"
+        }
+        Action   = "sns:Publish"
+        Resource = aws_sns_topic.alerts.arn
+        Condition = {
+          ArnLike = {
+            "aws:SourceArn" = "arn:aws:cloudwatch:${var.aws_region}:${data.aws_caller_identity.current.account_id}:alarm:*"
+          }
+          StringEquals = {
+            "aws:SourceAccount" = data.aws_caller_identity.current.account_id
+          }
+        }
+      }
+    ]
+  })
+}

apps/infrastructure/src/modules/active_campaign/eventbridge.tf

@@ -29,11 +29,12 @@ resource "aws_pipes_pipe" "dynamodb_to_sqs" {
       "sub": "<$.dynamodb.Keys.username.S>"
     }
   },
-  "webinarId": "<$.dynamodb.Keys.webinarId.S>"
+  "webinarId": "<$.dynamodb.Keys.webinarId.S>",
+  "eventID": "<$.eventID>"
 }
 EOF
     sqs_queue_parameters {
-      message_group_id = local.sqs_message_group_id
+      message_group_id = "$.eventID"
     }
   }
 }

apps/infrastructure/src/modules/active_campaign/sqs.tf

@@ -3,8 +3,8 @@ resource "aws_sqs_queue" "fifo_queue" {
   name                        = "${local.prefix}-events.fifo"
   fifo_queue                  = true
   content_based_deduplication = true
-  deduplication_scope         = "messageGroup"
-  fifo_throughput_limit       = "perMessageGroupId"
+  deduplication_scope         = "queue"
+  fifo_throughput_limit       = "perQueue"
 
   redrive_policy = jsonencode({
     deadLetterTargetArn = aws_sqs_queue.fifo_dlq_queue.arn