I have an ECS cluster inside the VPC. ECS has to read from SQS. So, do I need to create the SQS queue in the same VPC for them to communicate? Also, if, say, I wanted to communicate outside the VPC, how can I do that?
SQS queues do not belong to a specific VPC. There is no networking involved when creating/configuring a queue.
Access to SQS queues is entirely managed with IAM permissions.
With ECS, you will have to configure your task execution role properly. As an example, a policy like the following allows sending, receiving and deleting messages on a specific queue:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "sqs:DeleteMessage",
        "sqs:ReceiveMessage",
        "sqs:SendMessage"
      ],
      "Resource": "arn:aws:sqs:<region>:<account>:<queue name>"
    }
  ]
}
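Since IAM is the only control on queue access here, it is worth checking that a role's policy grants no more than the three actions above on the one queue. The following is an added example, not part of the original answer: a small offline check in Python, where the function name `audit_sqs_policy` and the region, account id and queue name are constructed placeholders. It inspects only `Action` and `Resource` in `Allow` statements.

```python
import json

# The three actions granted by the policy in the answer (IAM action names are case-insensitive).
NEEDED = {"sqs:receivemessage", "sqs:deletemessage", "sqs:sendmessage"}

def _as_list(value):
    # IAM accepts either a single string or a list for Action and Resource.
    return value if isinstance(value, list) else [value]

def audit_sqs_policy(policy, queue_arn):
    """Return findings for Allow statements that grant more than NEEDED on queue_arn."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        actions = [a for a in _as_list(stmt.get("Action", []))
                   if a == "*" or a.lower().startswith("sqs:")]
        if not actions:
            continue  # statement does not touch SQS
        for action in actions:
            if "*" in action or "?" in action:
                findings.append(f"statement {i}: wildcard action {action!r}")
            elif action.lower() not in NEEDED:
                findings.append(f"statement {i}: extra action {action!r}")
        for resource in _as_list(stmt.get("Resource", [])):
            if resource != queue_arn:
                findings.append(f"statement {i}: resource {resource!r} is not the queue")
    return findings

# Constructed sample values (region, account id and queue name are placeholders).
QUEUE_ARN = "arn:aws:sqs:eu-west-1:111122223333:orders"
SCOPED = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Action": ["sqs:DeleteMessage", "sqs:ReceiveMessage", "sqs:SendMessage"],
    "Resource": QUEUE_ARN}]}
BROAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "sqs:*", "Resource": "*"},
    {"Effect": "Allow", "Action": ["sqs:ReceiveMessage", "sqs:PurgeQueue"],
     "Resource": QUEUE_ARN}]}

if __name__ == "__main__":
    print(json.dumps({"scoped": audit_sqs_policy(SCOPED, QUEUE_ARN),
                      "broad": audit_sqs_policy(BROAD, QUEUE_ARN)}, indent=2))
```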