2

Currently we have a system that processes messages from an external JMS message queue. With our blue-green deployments, part of the activation of a stack is modifying security groups to enable/disable the rules needed to connect to the external JMS queue so that only the active stack can process messages. This works great for our current environment however the external queue is not that reliable so we are looking to replace it with SNS topics + SQS queues. We plan to have a single static SQS queue that is subscribed to the SNS topic. The problem we are having is how to enable/disable access to read from the SQS queue so that we can do blue-green and have only 1 stack able to read from the queue at a time?

Would have multiple instance roles, and part of the activation would be modifying the role to give permission to read from SQS work? Is there a better solution?

Robby Pond
  • 73,164
  • 16
  • 126
  • 119
  • Have you thought about creating the queue with the application deployment? That way when you switch from one env to another the queue is also switched. This could also allow you to change messages attributes and data during a rollout. – strongjz May 15 '17 at 12:47

1 Answers1

0

you can should create SQS queue for each new deployment. But SNS is static.

So you have running version v1. You have SNS topic "SNS" and SQS queue "v1",that subscribed to "SNS".

Then you deployed new version with new SQS "v2". So you have to subcribe it to "SNS". And unsubscribe "v1" from "SNS". You can receive duplication during this switching.I recommend to use deduplication, for example Elasticache

Aleksandr Filichkin
  • 660
  • 2
  • 8
  • 22