[BUG] CloudFormation does not apply SQS `ContentBasedDeduplication` or create SNS SQS subscriptions correctly

[danielkita]

Service

CloudFormation, SQS, SNS

AWS API Action

cloudformation create-stack with:

• AWS::SQS::Queue
• AWS::SNS::Topic
• AWS::SNS::Subscription

Expected behavior

A CloudFormation stack containing a FIFO SQS queue with:

ContentBasedDeduplication: true

should create the queue with ContentBasedDeduplication=true.

A CloudFormation stack containing an SNS to SQS subscription with:

RawMessageDelivery: "true"
FilterPolicyScope: MessageBody
FilterPolicy:
  eventType:
    - wanted

should create a real SNS subscription visible via sns list-subscriptions, with those subscription attributes applied.

Direct SNS/SQS APIs in Floci appear to support this correctly via sqs set-queue-attributes and sns subscribe --attributes.

Actual behavior

CloudFormation reports the resources as created, but the resulting service state is wrong:

{
  "beforePatch": {
    "queueContentBasedDeduplication": "false",
    "subscriptionCountForTopic": 0
  }
}

The CloudFormation stack resource list includes the subscription:

{
  "logicalId": "Subscription",
  "type": "AWS::SNS::Subscription",
  "physicalId": "Subscription-d81234b8"
}

…but sns list-subscriptions shows no actual subscription for the topic.

Direct API repair works:

{
  "afterDirectApiRepair": {
    "queueContentBasedDeduplication": "true",
    "rawMessageDelivery": "true",
    "filterPolicyScope": "MessageBody",
    "filterPolicy": "{\"eventType\":[\"wanted\"]}"
  }
}

Reproduction

export AWS_ACCESS_KEY_ID=test
export AWS_SECRET_ACCESS_KEY=test
export AWS_DEFAULT_REGION=us-east-1
export ENDPOINT=http://localhost:4566
export STACK=poc-floci-cfn-sns-sqs-attrs

cat > /tmp/floci-cfn-sns-sqs-attrs.json <<'JSON'
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Resources": {
    "Dlq": {
      "Type": "AWS::SQS::Queue",
      "Properties": {
        "QueueName": "poc-floci-cfn-sns-sqs-attrs-dlq.fifo",
        "FifoQueue": true,
        "ContentBasedDeduplication": true
      }
    },
    "Queue": {
      "Type": "AWS::SQS::Queue",
      "Properties": {
        "QueueName": "poc-floci-cfn-sns-sqs-attrs.fifo",
        "FifoQueue": true,
        "ContentBasedDeduplication": true
      }
    },
    "Topic": {
      "Type": "AWS::SNS::Topic",
      "Properties": {
        "TopicName": "poc-floci-cfn-sns-sqs-attrs-topic.fifo",
        "FifoTopic": true,
        "ContentBasedDeduplication": true
      }
    },
    "Subscription": {
      "Type": "AWS::SNS::Subscription",
      "Properties": {
        "TopicArn": { "Ref": "Topic" },
        "Protocol": "sqs",
        "Endpoint": { "Fn::GetAtt": ["Queue", "Arn"] },
        "RawMessageDelivery": "true",
        "FilterPolicyScope": "MessageBody",
        "FilterPolicy": {
          "eventType": ["wanted"]
        }
      }
    }
  }
}
JSON

aws --endpoint-url "$ENDPOINT" cloudformation create-stack \
  --stack-name "$STACK" \
  --template-body file:///tmp/floci-cfn-sns-sqs-attrs.json

aws --endpoint-url "$ENDPOINT" cloudformation list-stack-resources \
  --stack-name "$STACK"

QUEUE_URL=$(aws --endpoint-url "$ENDPOINT" cloudformation list-stack-resources \
  --stack-name "$STACK" \
  --query "StackResourceSummaries[?LogicalResourceId=='Queue'].PhysicalResourceId" \
  --output text)

aws --endpoint-url "$ENDPOINT" sqs get-queue-attributes \
  --queue-url "$QUEUE_URL" \
  --attribute-names All \
  --query "Attributes.ContentBasedDeduplication"

aws --endpoint-url "$ENDPOINT" sns list-subscriptions

Expected:

"true"

and one subscription for poc-floci-cfn-sns-sqs-attrs-topic.fifo.

Actual:

"false"

and no real subscription is listed, despite CloudFormation reporting an AWS::SNS::Subscription stack resource.

Environment

• Floci version / image tag: 1.5.15
• Java SDK version: N/A
• How running Floci: Docker

[Arthur-0896]

Hi @hectorvent, Can I give this a try please?

[hectorvent]

Sure @Arthur-0896, assigning it to you.