Amazon Simple Notification Service

From sending push notifications to someone's phone to sending you critical application alerts, Amazon SNS is very versatile.

Amazon Simple Notification Service, or Amazon SNS, is a service that makes it easier for developers to set up, operate, and send notifications to a variety of services. Some examples of notifications that might be sent with Amazon SNS are push notifications you would receive on your phone, a short SMS message that lets you know when a new video has been published, or even an email.

AWS also uses SNS to deliver CloudWatch alarm notifications that might have been set up.

Amazon SNS is built upon two different types of clients: publishers (sometimes known as producers), and subscribers (sometimes known as consumers). Using these two clients allows you to send notification messages without the need to constantly poll another service for new messages.

Publishers

Publishers communicate with subscribers by asynchronously sending a message to a topic. A topic is a common access point that contains a list of subscribers and how they can be communicated with.

When a topic receives a message, it's delivered to each subscriber using the methods they are configured with.

The methods and protocols that can be used with Amazon SNS are:

  • Amazon Kinesis Data Firehose
  • Amazon SQS
  • AWS Lambda
  • Email
  • Email-JSON
  • HTTP
  • HTTPS
  • Platform application endpoint
  • SMS

Topics use a unique endpoint that publishers send their messages to, and once a message has been published to a topic, it cannot be recalled.

Subscribers

Subscribers receive all messages that are delivered to the topic that they are subscribed to.

A common subscriber example is an Amazon SQS queue. Amazon SNS allows messages to be replicated and sent to multiple subscribers at once, which can allow for parallel asynchronous processing.

Security

When you create an Amazon SNS topic, you are able to add optional server-side at-rest encryption. The message gets encrypted as soon as it's received and then decrypted immediately before delivery.

You can also define who can publish to, and who can subscribe to your topic. This can be done via some simple choices you make during creation, such as only the topic owner, everyone, or other AWS accounts.

A new ARN is created automatically for your topics.

You can also control access via a JSON policy that looks much like an IAM policy. An example policy may look like this:

{
  "Version": "2008-10-17",
  "Id": "__default_policy_ID",
  "Statement": [
    {
      "Sid": "__default_statement_ID",
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": [
        "SNS:Publish",
        "SNS:RemovePermission",
        "SNS:SetTopicAttributes",
        "SNS:DeleteTopic",
        "SNS:ListSubscriptionsByTopic",
        "SNS:GetTopicAttributes",
        "SNS:Receive",
        "SNS:AddPermission",
        "SNS:Subscribe"
      ],
      "Resource": "",
      "Condition": {
        "StringEquals": {
          "AWS:SourceOwner": "123456890"
        }
      }
    }
  ]
}
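
The policy above allows every AWS principal ("AWS": "*") and relies on its Condition block to narrow that back down to the topic owner. As an added example (not code from the original page or from AWS), this Python check parses a topic access policy and reports any Allow statement with a wildcard principal that is not pinned by a literal condition value. The sample policies, topic ARN, and account ID 111122223333 are constructed placeholders, and the list of scoping condition keys is an assumption of this check rather than an exhaustive set.

```python
import json

# Condition keys that pin a wildcard principal to a known account, org or resource.
SCOPING_KEYS = {"aws:sourceowner", "aws:sourceaccount", "aws:sourcearn",
                "aws:principalaccount", "aws:principalorgid"}
# Exact-match operators only: the *IfExists variants pass when the key is absent.
SCOPING_OPERATORS = {"stringequals", "arnequals", "arnlike"}

def as_list(value):
    return value if isinstance(value, list) else [value]

def is_wildcard_principal(principal):
    if isinstance(principal, dict):
        return "*" in as_list(principal.get("AWS", []))
    return principal == "*"

def is_scoped(condition):
    # True if a scoping key is compared against literal, wildcard-free values.
    for operator, entries in (condition or {}).items():
        if operator.lower() in SCOPING_OPERATORS:
            for key, values in entries.items():
                literal = all(not set("*?") & set(str(v)) for v in as_list(values))
                if key.lower() in SCOPING_KEYS and literal:
                    return True
    return False

def open_statements(policy_json):
    # Return (Sid, actions) for each Allow statement usable by any AWS principal.
    findings = []
    for stmt in as_list(json.loads(policy_json).get("Statement", [])):
        if (stmt.get("Effect") == "Allow"
                and is_wildcard_principal(stmt.get("Principal"))
                and not is_scoped(stmt.get("Condition"))):
            findings.append((stmt.get("Sid", "<no Sid>"), as_list(stmt.get("Action", []))))
    return findings

def sample(condition):
    # Constructed policy shaped like the one above; ARN and account ID are placeholders.
    stmt = {"Sid": "demo", "Effect": "Allow", "Principal": {"AWS": "*"},
            "Action": ["SNS:Publish", "SNS:Subscribe"],
            "Resource": "arn:aws:sns:us-east-1:111122223333:example-topic"}
    if condition:
        stmt["Condition"] = condition
    return json.dumps({"Version": "2008-10-17", "Statement": [stmt]})

OWNER_ONLY, EVERYONE = sample({"StringEquals": {"AWS:SourceOwner": "111122223333"}}), sample(None)

if __name__ == "__main__":
    print(open_statements(OWNER_ONLY), open_statements(EVERYONE))
```

The owner-scoped sample produces no findings, while the same statement without its Condition block is reported with every action it exposes.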

Logging

You can enable logging for delivery status, which will allow you to select which protocol you log, what percentage of successful messages get logged, and which IAM policy to use for successful and failed deliveries.

Summary

Amazon SNS allows you to send push notifications to an individual or a large number of recipients. Publishers send the message to a topic which is then sent to any number of subscribers that are listed on the topic.