Open menu
-->

AWS SQS Best Practices

Amazon Simple Queue Service (SQS) is a fully managed message queue service that is fast, reliable, and scalable.



Amazon Simple Queue Service (SQS) is a fully managed message queue service that is fast, reliable, and scalable. SQS allows you to offload the administrative burden of operating a highly available messaging cluster, while reducing your costs by only paying for what you use. You can use SQS to manage the transmission of any amount of data, at any level of throughput, while remaining confident that no message will be lost.

Cloud Conformity checks Amazon Simple Queue Service (Amazon SQS) service according to the following rules:

AWS SQS Dead Letter Queues
Ensure there is a Dead Letter Queue configured for each Amazon SQS queue.

AWS SQS Unknown Cross Account Access
Ensure AWS Simple Queue Service (SQS) queues do not allow unknown cross account access.

Use AWS KMS Customer Master Keys for SQS Queues Encryption
Ensure SQS queues are encrypted with KMS CMKs to gain full control over data encryption and decryption.

AWS SQS exposed queues
Ensure that AWS Simple Queue Service (SQS) queues are not exposed to everyone.

SQS Queue Unprocessed Messages
Ensure AWS SQS queues do not retain a high number of unprocessed messages.

SQS Server Side Encryption
Ensure Amazon SQS queues enforce Server-Side Encryption (SSE).