Skip to main content


[edit on GitHub]

Use the aws_sqs_queues InSpec audit resource to test properties of some or all AWS Simple Queue Service queues.


describe aws_sqs_queues() do
  it { should exist }


This resource does not expect any parameters.

See also the AWS documentation on SQS.


Property Description
arns The ARNs of the SQS Queues.
is_fifo_queues A boolean value indicating if queues are FIFO queues
visibility_timeouts An integer indicating the visibility timeout of the message in seconds
maximum_message_sizes An integer indicating the maximum message size in bytes
message_retention_periods An integer indicating the maximum retention period for a message in seconds
delay_seconds An integer indicating the delay in seconds for the queues
receive_message_wait_timeout_seconds An integer indicating the number of seconds an attempt to receive a message will wait before returning
content_based_deduplications A boolean value indicating if content based deduplication is enabled or not


Ensure that a queue exists and has a visibility timeout of 300 seconds

describe aws_sqs_queues.where(queue_url: '') do
  it { should exist }
  its('visibility_timeout') { should be 300 }


This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our matchers page.


The control will pass if the describe returns at least one result.

Use should_not to test the entity should not exist.

describe aws_sqs_queues() do
  it { should exist }

describe aws_sqs_queues() do
  it { should_not exist }

AWS Permissions

Your Principal will need the sqs:GetQueueAttributes action with Effect set to Allow. You can find detailed documentation at Actions, Resources, and Condition Keys for Amazon SQS.

Was this page helpful?


Search Results