In the SQS Dashboard, click on Queues in the left-hand menu to see a list of existing queues.
Click on a queue name to explore its details, including Queue type (Standard or FIFO), Access policy, Attributes, Monitoring, and Dead-letter queue settings.
Queue Details:
The queue details page provides insights into its Configuration, Access policy, Message attributes, and Monitoring.
3. Exploring the AWS Well-Architected Framework Pillars
In the Monitoring tab of a queue, review key metrics like NumberOfMessagesSent, NumberOfMessagesReceived, ApproximateNumberOfMessagesVisible, and ApproximateAgeOfOldestMessage. Monitoring these metrics helps maintain operational efficiency by giving insights into message traffic and processing delays.
Dead-Letter Queues (DLQs):
Under the Configuration section of the queue, check if a Dead-letter queue is configured. DLQs capture messages that fail processing after a set number of attempts, helping identify operational issues such as message processing errors or application bottlenecks.
Message Retention Period:
Review the Message retention period in the Queue details section. This setting defines how long messages are kept in the queue before being deleted. Properly setting this period helps manage message processing and ensures that messages are not lost if they cannot be processed immediately.
Queue Types:
In the Queue details section, check if the queue is a Standard or FIFO queue. Choose the appropriate type based on your operational needs: Standard for best-effort ordering and high throughput or FIFO for strict ordering and exactly-once processing.
In the Access policy section of the queue details, review the queue's permissions. Ensure that the policy follows the principle of least privilege, allowing only specific IAM users, roles, or services to send, receive, or delete messages.
Encryption:
Under the Queue details section, check if Server-side encryption (SSE) is enabled for the queue. SSE encrypts messages using an AWS Key Management Service (KMS) key to protect sensitive data stored in the queue.
Cross-Account Access:
If the queue is shared across AWS accounts, review the Access policy for any cross-account permissions. Ensure that only trusted accounts and roles have access, and that access policies are limited to necessary actions.
Message Integrity:
Ensure that sensitive information passed as Message attributes is encrypted if necessary. Proper management of message integrity helps prevent unauthorized access to message content.
Verify if a DLQ is associated with the queue. DLQs store messages that could not be processed successfully after a defined number of attempts, enabling reliable error handling and troubleshooting.
Redrive Policy:
In the queue configuration, review the Redrive policy settings, which control how many times a message can be unsuccessfully processed before being sent to the DLQ. This helps ensure that faulty messages do not clog the main queue and affect processing.
Message Visibility Timeout:
Check the Visibility timeout setting in the Queue details. Properly configuring this timeout ensures that messages are not reprocessed while they are being handled by an application, maintaining message reliability.
Message Retention:
Confirm the Message retention period is set appropriately to maintain messages for the necessary duration, ensuring that unprocessed messages are not lost before they can be handled.
In the Monitoring tab, review metrics such as NumberOfMessagesSent and NumberOfMessagesDeleted. Analyzing these metrics helps you identify unused or overused queues, allowing you to optimize your usage and potentially reduce costs.
Message Size:
Check the Message size and payloads. For large payloads, consider using Amazon S3 for storage and sending pointers to S3 objects in SQS messages. This practice reduces costs associated with SQS message storage.
Reduce Unnecessary Retention:
In the Queue details, verify the Message retention period. Set an appropriate retention period to avoid unnecessary storage costs associated with keeping messages longer than needed.
Choose the Right Queue Type:
Review whether the queue is Standard or FIFO. FIFO queues incur higher costs but provide exactly-once processing and strict message ordering. Ensure you use FIFO only when strict ordering is essential to avoid unnecessary expenses.
Check if the queue is Standard or FIFO in the Queue details. Use Standard queues for high throughput and FIFO queues for ordered and deduplicated message processing. Choosing the right queue type optimizes performance based on your workload.
Message Visibility Timeout:
Ensure that the Visibility timeout is set to a value that matches your application’s processing time. This prevents premature message reprocessing, optimizing the performance of your message-handling application.
Long Polling:
Verify if Receive message wait time (long polling) is enabled in the Queue details section. Long polling reduces the number of empty responses and thus the number of API requests, improving efficiency and reducing costs.
Monitor Queue Backlogs:
Under the Monitoring tab, monitor metrics like ApproximateNumberOfMessagesVisible and ApproximateNumberOfMessagesNotVisible to identify message backlogs. Addressing backlogs promptly ensures efficient message processing and optimal application performance.
Use Amazon CloudWatch to set up alarms for critical metrics like ApproximateAgeOfOldestMessage and NumberOfMessagesSent. This allows for proactive monitoring of your queues and helps maintain operational excellence and reliability.
AWS Config and Security Hub:
If AWS Config and AWS Security Hub are enabled, review compliance findings related to SQS configurations. This ensures that your queues adhere to security best practices, such as using encryption and appropriate access policies.