From 16d03f31512f4d439aa6707ea2ebbd2c8aa23ac7 Mon Sep 17 00:00:00 2001
From: sidnhs <siddharth.nair1@nhs.net>
Date: Fri, 4 Apr 2025 10:46:43 +0100
Subject: [PATCH] CCM-9378: Allowing sqs service to sendmessage to dlq

---
 ...ta_iam_policy_document_deadletter_queue.tf | 20 +++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/infrastructure/modules/sqs/data_iam_policy_document_deadletter_queue.tf b/infrastructure/modules/sqs/data_iam_policy_document_deadletter_queue.tf
index a3e0456..36327a9 100644
--- a/infrastructure/modules/sqs/data_iam_policy_document_deadletter_queue.tf
+++ b/infrastructure/modules/sqs/data_iam_policy_document_deadletter_queue.tf
@@ -21,4 +21,24 @@ data "aws_iam_policy_document" "deadletter_queue" {
       identifiers = [var.aws_account_id]
     }
   }
+
+  statement {
+    sid    = "AllowSendMessage"
+    effect = "Allow"
+
+    actions = [
+      "sqs:SendMessage",
+    ]
+
+    resources = [
+      aws_sqs_queue.dlq.arn,
+    ]
+
+    principals {
+      type = "Service"
+      identifiers = [
+        "sqs.amazonaws.com"
+      ]
+    }
+  }
 }