Ensure that each AWS Simple Queue Service (SQS) queue is configured to use a Dead Letter Queue (DLQ) in order to help maintain the queue flow and avoid losing data by detecting and mitigating failures and service disruptions on time. A Dead Letter Queue is an SQS queue useful for debugging your application or your messaging system, that can isolate messages that can't be processed successfully for later analysis.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Enabling Dead Letter Queues (DLQs) for your SQS queues can help you troubleshoot incorrect message transmission operations that can lead to data loss. Use DLQs to decrease the number of unprocessed messages and reduce the possibility of exposing your queues to poison pill messages (i.e. messages that are received but can't be processed for some reason).
To determine if Dead Letter Queues are enabled for your AWS SQS queues, perform the following:
Remediation / Resolution
To create and configure a Dead Letter Queue in order to prevent endless processing of invalid messages for your AWS SQS queues, perform the following actions:
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
SQS Dead Letter Queue
Risk level: Low