Amazon Simple Notification Service (SNS) is a highly available, durable, secure, fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications. Amazon SNS provides topics for high-throughput, push-based, many-to-many messaging. Using Amazon SNS topics, your publisher systems can fan out messages to a large number of subscriber endpoints for parallel processing, including Amazon SQS queues, AWS Lambda functions, and HTTP/S webhooks. Additionally, SNS can be used to fan out notifications to end users using mobile push, SMS, and email.
You can get started with Amazon SNS in minutes by using the AWS Management Console, AWS Command Line Interface (CLI), or AWS Software Development Kit (SDK).
Event Sources and Destinations
Event-driven computing is a model in which subscriber services automatically perform work in response to events triggered by publisher services. This paradigm can be applied to automate workflows while decoupling the services that collectively and independently work to fulfil these workflows.
Amazon SNS is an event-driven computing hub that has native integration with a wide variety of AWS event sources (including Amazon EC2, Amazon S3, and Amazon RDS) and AWS event destinations (including Amazon SQS and Lambda).
The full set of Amazon SNS event sources includes the following services:
- Compute: Amazon EC2 Auto Scaling, AWS Elastic Beanstalk, AWS Lambda, Elastic Load Balancing
- Storage: Amazon Elastic File System, Amazon Glacier, Amazon Simple Storage Service, AWS Snowball
- Database: Amazon DynamoDB, Amazon ElastiCache, Amazon Redshift, Amazon Relational Database Service, AWS Database Migration Service
- Networking: Amazon Route 53, Amazon VPC, AWS Direct Connect
- Developer Tools: AWS CodeBuild, AWS CodeCommit, AWS CodeDeploy, AWS CodePipeline
- Management Tools: Amazon CloudWatch Alarms, Amazon CloudWatch Events, AWS CloudFormation, AWS CloudTrail, AWS Config
- Customer Engagement: Amazon Pinpoint, Amazon Simple Email Service
- Analytics: AWS Data Pipeline
- Security, Identity and Compliance: Amazon Inspector
- Media: Amazon Elastic Transcoder
- Internet of Things: AWS IoT
Amazon SNS can filter and fan out events to the following destinations to support event-driven computing use cases:
- Amazon Simple Queue Service
- AWS Lambda
- Webhook (HTTP/S)
Message filtering empowers the subscriber to create a filter policy so that it only gets the notifications it is interested in, as opposed to receiving every single message posted to the topic. Additionally, you may monitor your Amazon SNS message filtering activity with Amazon CloudWatch and manage Amazon SNS filter policies with AWS CloudFormation.
Message fanout occurs when a message is sent to a topic and then replicated and pushed to multiple endpoints. Fanout provides asynchronous event notifications, which in turn allows for parallel processing.
Amazon SNS provides encrypted topics to protect your messages from unauthorized and anonymous access. When you publish messages to encrypted topics, Amazon SNS immediately encrypts your messages. The encryption takes place on the server, using a 256-bit AES-GCM algorithm and a customer master key (CMK) issued with AWS Key Management Service (KMS). The messages are stored in encrypted form and decrypted as they are delivered to subscribing endpoints (Amazon SQS queues, AWS Lambda functions, HTTP/S webhooks).
Amazon SNS supports VPC Endpoints (VPCE) via AWS PrivateLink. You can use VPC Endpoints to privately publish messages to Amazon SNS topics, from an Amazon Virtual Private Cloud (VPC), without traversing the public internet. This feature brings additional security, helps promote data privacy, and aligns with assurance programs.
When you use AWS PrivateLink, you don’t need to set up an Internet Gateway (IGW), Network Address Translation (NAT) device, or Virtual Private Network (VPN) connection. You don’t need to use public IP addresses, either.
Amazon SNS mobile notifications make it simple and cost-effective to fan out mobile push notifications to iOS, Android, Fire OS, Windows and Baidu-based devices. You can also use SNS to fan out text messages (SMS) to 200+ countries and fan out email messages (SMTP).
Alternatively, if your use case can benefit from advanced user engagement and retention features such as mobile notification templates, delivery schedules, targeted customer segments, campaigns, analytics, and A/B testing, then Amazon Pinpoint is the recommended AWS service to support your mobile messaging use case.
Reliably deliver messages with durability
Amazon SNS uses cross availability zone message storage to provide high message durability. Running within Amazon’s proven network infrastructure and datacenters, Amazon SNS topics are available whenever your applications need them. All messages published to Amazon SNS are stored redundantly across multiple geographically separated servers and data centers. Amazon SNS reliably delivers messages to all valid AWS endpoints, such as Amazon SQS queues and AWS Lambda functions.
Automatically scale your workload
Amazon SNS leverages the proven AWS cloud to dynamically scale with your application. Amazon SNS is a fully managed service, taking care of the heavy lifting related to capacity planning, provisioning, monitoring, and patching. The service is designed to handle high-throughput, bursty traffic patterns. Moreover, there is no upfront cost, and no need to acquire, install, configure, or upgrade messaging software.
Simplify your architecture with Message Filtering
Amazon SNS helps you simplify your pub/sub messaging architecture by offloading the message filtering logic from your subscriber systems, and message routing logic from your publisher systems. With Amazon SNS message filtering, subscribing endpoints receive only the messages of interest, instead of all messages published to the topic. Amazon CloudWatch gives visibility into your filtering activity, and AWS CloudFormation enables you to deploy subscription filter policies in an automated and secure manner.
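To make the subscription filter policy described in the message filtering passages concrete, here is an added example (not AWS code and not the service's implementation) that models how an attribute-based filter policy decides which messages a subscriber receives. The policy, the attribute names, and the messages are constructed; only exact, `prefix`, `anything-but`, `numeric` and `exists` rules are modelled, and attributes are simplified to a plain name-to-value mapping.

```python
import operator

NUMERIC_OPS = {"=": operator.eq, "<": operator.lt, "<=": operator.le,
               ">": operator.gt, ">=": operator.ge}

def value_matches(rule, value):
    """Test one rule against one attribute value (None means the attribute is absent)."""
    if not isinstance(rule, dict):              # plain string/number: exact match
        return value is not None and value == rule
    op, arg = next(iter(rule.items()))
    if op == "exists":
        return (value is not None) == arg
    if value is None:                           # every other operator needs the attribute
        return False
    if op == "prefix":
        return isinstance(value, str) and value.startswith(arg)
    if op == "anything-but":
        return value not in (arg if isinstance(arg, list) else [arg])
    if op == "numeric":                         # e.g. [">=", 100] or [">", 0, "<=", 150]
        if isinstance(value, bool) or not isinstance(value, (int, float)):
            return False
        return all(NUMERIC_OPS[arg[i]](value, arg[i + 1]) for i in range(0, len(arg), 2))
    raise ValueError(f"unsupported operator: {op}")

def accepts(filter_policy, attributes):
    """AND across attribute names, OR across the rules listed under each name."""
    return all(any(value_matches(rule, attributes.get(name)) for rule in rules)
               for name, rules in filter_policy.items())

# Constructed filter policy for a hypothetical "large production orders" subscriber.
POLICY = {
    "event_type": ["order_placed", {"prefix": "refund_"}],
    "amount": [{"numeric": [">=", 100]}],
    "env": [{"anything-but": "test"}],
}

# Constructed message attributes.
MESSAGES = [
    {"event_type": "order_placed", "amount": 250, "env": "prod"},
    {"event_type": "refund_issued", "amount": 100, "env": "prod"},
    {"event_type": "order_placed", "amount": 50, "env": "prod"},      # amount too low
    {"event_type": "order_placed", "amount": 250},                    # env missing
    {"event_type": "order_cancelled", "amount": 250, "env": "prod"},  # type not listed
]

if __name__ == "__main__":
    for attrs in MESSAGES:
        print(accepts(POLICY, attrs), attrs)
```

A filter policy only narrows what a subscriber is sent; who may subscribe in the first place is still decided by the topic policy.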
Keep messages private and secure
Amazon SNS topic owners can keep sensitive data secure by setting topic policies that restrict who can publish and subscribe to a topic. Amazon SNS also ensures that data is encrypted in transit by applying Amazon ATS certificates to support its HTTPS API, and can also encrypt data at rest by using AWS KMS keys. Additionally, using AWS PrivateLink, you can privately publish messages to Amazon SNS topics from your Amazon VPC subnets without traversing the public Internet. Amazon SNS can also support use cases in regulated markets, and is in-scope with compliance programs, including HIPAA, PCI, ISO, FIPS, SOC and FedRAMP.
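The two controls described above, encryption at rest with a KMS key and a topic policy that restricts who can publish and subscribe, can be checked from a topic's attributes. This is an added example, not AWS code: it assumes a dictionary shaped like the `Attributes` map returned by `GetTopicAttributes`, uses a constructed sample with a placeholder account ID, and treats a short, assumed list of condition keys as evidence that a wildcard principal has been scoped.

```python
import json

SENSITIVE = {"sns:publish", "sns:subscribe", "sns:*", "*"}
# Assumed heuristic: condition keys that usually scope a wildcard principal.
SCOPING_KEYS = {"aws:sourceowner", "aws:sourcearn", "aws:sourceaccount",
                "aws:principalorgid"}

def as_list(x):
    return x if isinstance(x, list) else [x]

def is_public(principal):
    """True for Principal "*" or {"AWS": "*"}."""
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in as_list(principal.get("AWS", []))

def is_scoped(condition):
    keys = {k.lower() for block in condition.values() for k in block}
    return bool(keys & SCOPING_KEYS)

def audit_topic(attributes):
    """Return findings for a topic that is unencrypted or open to any principal."""
    findings = []
    if not attributes.get("KmsMasterKeyId"):
        findings.append("no KMS key: topic is not encrypted at rest")
    policy = json.loads(attributes.get("Policy", "{}"))
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not is_public(stmt.get("Principal")):
            continue
        actions = {a.lower() for a in as_list(stmt.get("Action", []))}
        exposed = sorted(actions & SENSITIVE)
        if exposed and not is_scoped(stmt.get("Condition", {})):
            findings.append(f"{stmt.get('Sid', '<no Sid>')}: anyone may {', '.join(exposed)}")
    return findings

# Constructed sample: no KmsMasterKeyId, one owner-scoped and one open statement.
ARN = "arn:aws:sns:us-east-1:111122223333:orders"
SAMPLE = {"TopicArn": ARN, "Policy": json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "OwnerOnly", "Effect": "Allow", "Principal": {"AWS": "*"},
         "Action": ["SNS:Publish", "SNS:Subscribe"], "Resource": ARN,
         "Condition": {"StringEquals": {"AWS:SourceOwner": "111122223333"}}},
        {"Sid": "OpenPublish", "Effect": "Allow", "Principal": "*",
         "Action": "SNS:Publish", "Resource": ARN},
    ]})}

if __name__ == "__main__":
    print("\n".join(audit_topic(SAMPLE)))
```

The presence of a scoping condition key does not prove the condition is tight enough, so a statement that passes this check still deserves a manual read of its values.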