
feat: rule checking for SQS visibility timeout being correctly sized in a Lambda EventSourceMapping

Open robert-hanuschke opened this issue 4 months ago • 0 comments

Description

Recommendation in the SQS docs:

To allow your function time to process each batch of records, set the source queue's visibility timeout to at least six times the timeout that you configure on your function. The extra time allows for Lambda to retry if your function is throttled while processing a previous batch.

There currently is no rule checking this.

Use Case

Having a rule for this check can prevent configurations resulting in duplicate processing of queue items due to visibility timeout being too low.

Proposed Solution

Rule that checks Lambda CfnEventSourceMappings for an associated SQS CfnQueue and compares the visibilityTimeout setting to the Lambda CfnFunction timeout setting.

Other information

I think I can implement this and would like to start working on it.

Acknowledge

  • [X] I may be able to implement this feature request
  • [ ] This feature might incur a breaking change

robert-hanuschke • Oct 10 '24 07:10