I wasn't able to find an option to attach security groups to AWS SQS instance. Why isn't it required? Is the queue secured only using the AWS credentials which are used to connect to the account?
You can't include AWS SQS into your VPC. This is a fully managed service.
You can secure the SQS Queue with IAM roles. You need to give permission to whoever uses this queue to allow to read/write/access from the queue.