Forwarding to Amazon SQS

Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. SQS eliminates the complexity and overhead associated with managing and operating message-oriented middleware, and empowers developers to focus on differentiating work. Using SQS, you can send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available.

Prerequisites

Event forwards originate from region-specific IPs. For the full list of outbound IPs by region, see SaaS Regions and IP Ranges. Update your firewall and allow inbound requests from these IP addresses to enable Sysdig to handle event forwarding.

Configure Event Forwarding Integration with Amazon SQS

  1. Log in to Sysdig Secure as admin.

  2. From the Settings module, navigate to the Events Forwarding tab.

  3. Click the Add Integration button.

  4. Select Amazon SQS from the drop-down menu.

  5. Configure the required options:

    • Integration Name: Define an integration name.
    • Access Key and Access Secret: Enter your AWS access key and secret
    • Token: Enter the AWS token used
    • Region: Enter the AWS region where you created you Amazon SQS queue
    • Delay Optional: Enter a value (in seconds) between 0 and 900 that a message delivery should be delayed.
    • Metadata Optional: Set up to 10 10 key value headers with which the messages should be tagged. Entries can be string values.
    • Queue: Enter your Amazon SQS queue
    • Data to Send: Select from the drop-down the types of Sysdig data that should be forwarded. The available list depends on the Sysidg features and products you have enabled.
    • Toggle the enable switch as necessary. Remember that you will need to “Test Integration” with the button below before enabling the integration.
  6. Click the Save button to save the integration.