github.com/argoproj/argo-cd/v3@v3.2.1/docs/operator-manual/notifications/services/awssqs.md (about) 1 # AWS SQS 2 3 ## Parameters 4 5 This notification service is capable of sending simple messages to AWS SQS queue. 6 7 * `queue` - name of the queue you are intending to send messages to. Can be overridden with target destination annotation. 8 * `region` - region of the sqs queue can be provided via env variable AWS_DEFAULT_REGION 9 * `key` - optional, aws access key must be either referenced from a secret via variable or via env variable AWS_ACCESS_KEY_ID 10 * `secret` - optional, aws access secret must be either referenced from a secret via variable or via env variable AWS_SECRET_ACCESS_KEY 11 * `account` optional, external accountId of the queue 12 * `endpointUrl` optional, useful for development with localstack 13 14 ## Example 15 16 ### Using Secret for credential retrieval: 17 18 Resource Annotation: 19 ```yaml 20 apiVersion: apps/v1 21 kind: Deployment 22 metadata: 23 name: nginx-deployment 24 annotations: 25 notifications.argoproj.io/subscribe.on-deployment-ready.awssqs: "overwrite-myqueue" 26 ``` 27 28 * ConfigMap 29 ```yaml 30 apiVersion: v1 31 kind: ConfigMap 32 metadata: 33 name: argocd-notifications-cm 34 data: 35 service.awssqs: | 36 region: "us-east-2" 37 queue: "myqueue" 38 account: "1234567" 39 key: "$awsaccess_key" 40 secret: "$awsaccess_secret" 41 42 template.deployment-ready: | 43 message: | 44 Deployment {{.obj.metadata.name}} is ready! 45 46 trigger.on-deployment-ready: | 47 - when: any(obj.status.conditions, {.type == 'Available' && .status == 'True'}) 48 send: [deployment-ready] 49 - oncePer: obj.metadata.annotations["generation"] 50 51 ``` 52 Secret 53 ```yaml 54 apiVersion: v1 55 kind: Secret 56 metadata: 57 name: <secret-name> 58 stringData: 59 awsaccess_key: test 60 awsaccess_secret: test 61 ``` 62 63 64 ### Minimal configuration using AWS Env variables 65 66 Ensure the following list of environment variables are injected via OIDC, or another method. And assuming SQS is local to the account. 67 You may skip usage of secret for sensitive data and omit other parameters. (Setting parameters via ConfigMap takes precedent.) 68 69 Variables: 70 71 ```bash 72 export AWS_ACCESS_KEY_ID="test" 73 export AWS_SECRET_ACCESS_KEY="test" 74 export AWS_DEFAULT_REGION="us-east-1" 75 ``` 76 77 Resource Annotation: 78 ```yaml 79 apiVersion: apps/v1 80 kind: Deployment 81 metadata: 82 name: nginx-deployment 83 annotations: 84 notifications.argoproj.io/subscribe.on-deployment-ready.awssqs: "" 85 ``` 86 87 * ConfigMap 88 ```yaml 89 apiVersion: v1 90 kind: ConfigMap 91 metadata: 92 name: argocd-notifications-cm 93 data: 94 service.awssqs: | 95 queue: "myqueue" 96 97 template.deployment-ready: | 98 message: | 99 Deployment {{.obj.metadata.name}} is ready! 100 101 trigger.on-deployment-ready: | 102 - when: any(obj.status.conditions, {.type == 'Available' && .status == 'True'}) 103 send: [deployment-ready] 104 - oncePer: obj.metadata.annotations["generation"] 105 106 ``` 107 108 ## FIFO SQS Queues 109 110 FIFO queues require a [MessageGroupId](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SendMessage.html#SQS-SendMessage-request-MessageGroupId) to be sent along with every message, every message with a matching MessageGroupId will be processed one by one in order. 111 112 To send to a FIFO SQS Queue you must include a `messageGroupId` in the template such as in the example below: 113 114 ```yaml 115 template.deployment-ready: | 116 message: | 117 Deployment {{.obj.metadata.name}} is ready! 118 messageGroupId: {{.obj.metadata.name}}-deployment 119 ```