Skip to main content

AWS - SQS

This Integration is part of the AWS - SQS Pack.#

Amazon Web Services Simple Queuing Service (SQS)

For more information regarding the AWS SQS service, please visit the official documentation found here.

For detailed instructions about setting up authentication, see: AWS Integrations - Authentication.

Configure AWS - SQS in Cortex#

ParameterDescriptionRequired
AWS Default RegionThe AWS Region for this instance of the integration. For example, us-west-2False
Role ArnThe Amazon Resource Name (ARN) role used for EC2 instance authentication. If this is used, an access key and secret key are not required.False
Role Session NameA descriptive name for the assumed role session. For example, xsiam-IAM.integration-Role_SESSIONFalse
Access KeyThe access key ID used for authentication, that was configured during IAM user configuration. If this is used, Role ARN is not required.False
Secret KeyThe secret key used for authentication, that was configured during IAM user configuration. If this is used, Role ARN is not required.False
Role Session DurationThe maximum length of each session in seconds. Default: 900 seconds. The XSOAR integration will have the permissions assigned only when the session is initiated and for the defined duration.False
Queue URLURL of an existing Amazon SQS queue.False
TimeoutThe time in seconds till a timeout exception is reached. You can specify just the read timeout (for example 60) or also the connect timeout followed after a comma (for example 60,10). If a connect timeout is not specified a default of 10 second will be used.False
RetriesThe maximum number of retry attempts when connection or throttling errors are encountered. Set to 0 to disable retries. The default value is 5 and the limit is 10. Note: Increasing the number of retries will increase the execution time. More details about the retries strategy is available here.False
Fetch incidentsFalse
Maximum incidents for one fetch. Hard cap of 100.Maximum number of incidents for a single fetch.10
First fetch timestampFirst fetch query <number> <time unit>, e.g., 7 days. Default 3 days)False
Incident typeFalse
Use system proxy settingsFalse
Trust any certificate (not secure)False
Parse SQS message body as a JSON stringFalse

There are three options to sign in to the service:#

  1. Provide Access Key ID and Secret Key ID.
  2. Provide Role ARN and Access Key ID and Secret Key ID.
  3. Do not provide any credentials or Role ARN other than permissions pulled from the service metadata.

Commands#

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

aws-sqs-get-queue-url#


Returns the URL of an existing queue. To access a queue that belongs to another AWS account, use the queueOwnerAWSAccountId parameter to specify the account ID of the queues owner. The queues owner must grant you permission to access the queue.

Base Command#

aws-sqs-get-queue-url

Input#

Argument NameDescriptionRequired
queueNameThe name of the queue.Required
queueOwnerAWSAccountIdThe AWS account ID of the account that created the queue.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output#

PathTypeDescription
AWS.SQS.Queues.QueueUrlstringThe URL of the queue.

Command Example#

!aws-sqs-get-queue-url queueName=test

Human Readable Output#

AWS SQS Queues

QueueUrltest.queue.amazonaws.com/1234567/test

aws-sqs-list-queues#


Returns a list of your queues. The maximum number of queues that can be returned is 1,000. If you specify a value for the optional QueueNamePrefix parameter, only queues with a name that begins with the specified value are returned.

Base Command#

aws-sqs-list-queues

Input#

Argument NameDescriptionRequired
queueNamePrefixA string to use for filtering the list results. Only those queues whose name begins with the specified string are returned. Queue names are case-sensitive.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output#

PathTypeDescription
AWS.SQS.Queues.QueueUrlstringThe URL of the queue.

Command Example#

!aws-sqs-list-queues

Human Readable Output#

AWS SQS Queues

QueueUrl
test.queue.amazonaws.com/1234567/test1
test.queue.amazonaws.com/1234567/test2

aws-sqs-send-message#


Delivers a message to the specified queue.

Base Command#

aws-sqs-send-message

Input#

Argument NameDescriptionRequired
queueUrlThe URL of the Amazon SQS queue to which a message is sent.Required
messageBodyThe message to send. The maximum string size is 256 KB.Required
delaySecondsThe length of time, in seconds, for which to delay a specific message. Valid values 0 to 900. Maximum 15 minutes.Optional
messageGroupIdThis parameter applies only to FIFO queues. The tag that specifies that a message belongs to a specific message group.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output#

PathTypeDescription
AWS.SQS.Queues.SentMessages.MD5OfMessageBodystringAn MD5 digest of the non-URL-encoded message attribute string.
AWS.SQS.Queues.SentMessages.MD5OfMessageAttributesstringAn MD5 digest of the non-URL-encoded message attribute string.
AWS.SQS.Queues.SentMessages.MessageIdstringAn attribute containing the MessageId of the message sent to the queue.
AWS.SQS.Queues.SentMessages.SequenceNumberstringThis parameter applies only to FIFO (first-in-first-out) queues. The large, non-consecutive number that Amazon SQS assigns to each message.

Command Example#

!aws-sqs-send-message queueUrl=test.queue.amazonaws.com/1234567/test2 messageBody="test"

Human Readable Output#

AWS SQS Queues sent messages

MD5OfMessageBody123a4bcd4621d373cade4e832627b4f6
MessageId1a2bc456-1e23-45e6-b789-b1af23c4f56f
QueueUrltest.queue.amazonaws.com/1234567/test2

aws-sqs-create-queue#


Creates a new standard or FIFO queue. You can pass one or more attributes in the request.

Base Command#

aws-sqs-create-queue

Input#

Argument NameDescriptionRequired
queueNameThe name of the new queue.Required
delaySecondsThe length of time, in seconds, for which the delivery of all messages in the queue is delayed. Valid values An integer from 0 to 900 seconds (15 minutes). The default is 0 (zero).Optional
maximumMessageSizeThe limit of how many bytes a message can contain before Amazon SQS rejects it. Valid values An integer from 1,024 bytes (1 KiB) to 262,144 bytes (256 KiB). The default is 262,144 (256 KiB).Optional
messageRetentionPeriodThe length of time, in seconds, for which Amazon SQS retains a message. Valid values An integer from 60 seconds (1 minute) to 1,209,600 seconds (14 days). The default is 345,600 (4 days).Optional
receiveMessageWaitTimeSecondsThe length of time, in seconds, for which a ReceiveMessage action waits for a message to arrive. Valid values An integer from 0 to 20 (seconds). The default is 0 (zero).Optional
visibilityTimeoutThe visibility timeout for the queue. Valid values An integer from 0 to 43,200 (12 hours). The default is 30.Optional
kmsDataKeyReusePeriodSecondsThe length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. An integer representing seconds, between 60 seconds (1 minute) and 86,400 seconds (24 hours). The default is 300 (5 minutes). A shorter time period provides better security but results in more calls to KMS which might incur charges after Free Tier.Optional
kmsMasterKeyIdThe ID of an AWS-managed customer master key (CMK) for Amazon SQS or a custom CMK.Optional
policyThe queues policy. A valid AWS policy.Optional
fifoQueueDesignates a queue as FIFO. Possible values are: True, False.Optional
contentBasedDeduplicationEnables content-based deduplication. Possible values are: True, False.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output#

PathTypeDescription
AWS.SQS.Queues.QueueUrlunknownThe URL of the created Amazon SQS queue.

Command Example#

!aws-sqs-create-queue queueName=test3

Human Readable Output#

AWS SQS Queues

QueueUrltest.queue.amazonaws.com/1234567/test3

aws-sqs-delete-queue#


Deletes the queue specified by the QueueUrl , regardless of the queue's contents. If the specified queue doesn't exist, Amazon SQS returns a successful response.

Base Command#

aws-sqs-delete-queue

Input#

Argument NameDescriptionRequired
queueUrlThe URL of the Amazon SQS queue to delete.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output#

There is no context output for this command.

Command Example#

!aws-sqs-delete-queue queueUrl=example.com/123456789/test3

Human Readable Output#

The Queue has been deleted

aws-sqs-purge-queue#


Deletes the messages in a queue specified by the QueueURL parameter.

Base Command#

aws-sqs-purge-queue

Input#

Argument NameDescriptionRequired
queueUrlThe URL of the queue from which the PurgeQueue action deletes messages.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output#

There is no context output for this command.

Command Example#

!aws-sqs-purge-queue queueUrl=example.com/123456789/test2

Human Readable Output#

The Queue has been Purged