Amazon SNS features

Event-driven computing is a model in which subscriber services automatically perform work in response to events triggered by publisher services. This paradigm can be applied to automate workflows while decoupling the services that collectively and independently work to fulfil these workflows.

Amazon SNS is an event-driven computing hub that has native integration with a wide variety of AWS event sources (including Amazon EC2, Amazon S3, and Amazon RDS) and AWS event destinations (including Amazon SQS, and Lambda).

The full set of Amazon SNS event sources includes the following services:

• Compute: Amazon EC2 Auto Scaling, AWS Elastic Beanstalk, AWS Lambda, Elastic Load Balancing
• Storage: Amazon Elastic File System, Amazon Glacier, Amazon Simple Storage Service, AWS Snowball
• Database: Amazon DynamoDB, Amazon ElastiCache, Amazon Redshift, Amazon Relational Database Service, AWS Database Migration Service
• Networking: Amazon Route 53, Amazon VPC, AWS Direct Connect
• Developer Tools: AWS CodeBuild, AWS CodeCommit, AWS CodeDeploy, AWS CodePipeline
• Management Tools: Amazon CloudWatch Alarms, Amazon CloudWatch Events, AWS CloudFormation, AWS CloudTrail, AWS Config
• Customer Engagement: Amazon Pinpoint, Amazon Simple Email Service
• Analytics: AWS Data Pipeline
• Security, Identity and Compliance: Amazon Inspector
• Media: Amazon Elastic Transcoder
• Internet of Things: AWS IoT

Amazon SNS can filter and fanout events to the following destinations to support event-driven computing use cases:

• Amazon Simple Queue Service
• AWS Lambda
• AWS Event Fork Pipelines
• Webhook (HTTP/S)
• Amazon Kinesis Data Firehose

Learn more about event-driven computing with Amazon SNS and AWS compute, storage, database, and networking services, and enriching event-driven architectures with AWS Event Fork Pipelines.

Message filtering empowers the subscriber to create a filter policy, so that it only gets the notifications it is interested in, as opposed to receiving every single message posted to the topic. Visit our blog to learn how to simplify your pub/sub messaging with Amazon SNS message filtering and get to know message filtering operators for numeric matching, prefix matching, and blacklisting in Amazon SNS. Additionally, you may monitor your Amazon SNS message filtering activity with Amazon CloudWatch and manage Amazon SNS filter policies with AWS CloudFormation.

Message fanout occurs when a message is sent to a topic and then replicated and pushed to multiple endpoints. Fanout provides asynchronous event notifications, which in turn allows for parallel processing. Try our 10-minute tutorial to learn how to send fanout event notifications with Amazon SNS.

Amazon SNS uses a number of strategies that work together to provide message durability. To start, published messages are stored across multiple, geographically-separated servers and data centers. If a subscribed endpoint isn't available, Amazon SNS executes a message delivery retry policy. To preserve any messages that aren't delivered before the delivery retry policy ends, you can create a dead-letter queue. You can also subscribe Amazon Kinesis Data Firehose delivery streams to SNS topics, which allows messages to be sent to durable endpoints such as Amazon S3 buckets or Amazon Redshift tables.

Amazon SNS provides encrypted topics to protect your messages from unauthorized and anonymous access. When you publish messages to encrypted topics, Amazon SNS immediately encrypts your messages. The encryption takes place on the server, using a 256-bit AES-GCM algorithm and a customer master key (CMK) issued with AWS Key Management Service (KMS). The messages are stored in encrypted form, and decrypted as they are delivered to subscribing endpoints (Amazon SQS queues, AWS Lambda functions, HTTP/S webhooks). Learn more about encrypting messages published to Amazon SNS with AWS KMS.

Amazon SNS supports VPC Endpoints (VPCE) via AWS PrivateLink. You can use VPC Endpoints to privately publish messages to Amazon SNS topics, from an Amazon Virtual Private Cloud (VPC), without traversing the public internet. This feature brings additional security, helps promote data privacy, and aligns with assurance programs.

When you use AWS PrivateLink, you don’t need to set up an Internet Gateway (IGW), Network Address Translation (NAT) device, or Virtual Private Network (VPN) connection. You don’t need to use public IP addresses, either.

You may visit our blog to learn how to secure messages published to Amazon SNS with AWS PrivateLink. You can also deploy Amazon VPC endpoints for Amazon SNS with AWS CloudFormation.

Amazon SNS provides a direct connection to Amazon Kinesis Data Firehose, allowing message storage in services such as Amazon S3 or Amazon Redshift, to enable easy data collection for analytics, archival, monitoring, etc.

Amazon SNS mobile notifications make it simple and cost effective to fanout mobile push notifications to iOS, Android, Fire OS, Windows and Baidu-based devices. Mobile notifications can be triggered from user driven actions within an application or from business logic within the cloud.

Amazon SNS supports the ability to send text messages at scale to 200+ countries using a highly available and durable service with redundancy across multiple SMS providers. With Amazon SNS you’ll be able to control your originating identity (how users identify you) by using a sender ID, long codes or short codes. Additionally, Amazon SNS supports email (SMTP) via SNS topics.