Join our community of over 9,300 readers delving into AWS. We highlight real-world best practices through easy-to-understand visualizations and one-pagers. Expect a fresh newsletter edition every two weeks.
π¨ SNS Unpacked: From Pub/Sub Patterns to Pricing!
Hi Reader ππ½
This is another issue that is all about messaging systems and patterns. It is the last one of this series. After that, we continue with more networking services πͺ
This time we talk about the service Simple Notification Service or better known as SNS π¨
To get you excited, here is one upfront guessing question: What's the subscription limit per topic? π€ Scroll down to find the answer.
But now let's get into the overview of this issue:
- Introduction to SNS
- The Publish/Subscribe Pattern
- Destinations
- The Fan-out Pattern
- IAM & Message Encryption
- Standard vs. FIFO Topics
- Message Filtering
- Retries
- Pricing
Let's get into it! π
Introduction
Amazon SNS is a fully managed publish & subscribe service.
The fundamentals are quite simple:
- Publishers can send messages to topics.
- Subscribers subscribe to those topics.
- The topics distribute receive messages to the subscribers.
Subscribers can either be personal applications like smartphone notifications, emails, or SMS. A subscriber can also be another AWS Service.
The Publish/Subscribe Pattern
SNS publishes messages to subscribers with a push-based model. Once a message comes in, SNS pushes out the message to its subscribers immediately.
SQS on the other hand is a poll-based mode. That means a message remains in a queue and consumers poll this message.
Destinations
SNS supports a lot of different destinations to which it can deliver messages. SNS distinguishes those into two endpoint groups:
- Application-to-Application - messages that are sent to another application and not to a customer, e.g. other AWS services like SQS or Lambda.
- Application-to-Person - messages that are sent to the customer.g. E-Mail, SMS, or In-App Push Notifications.
The Fan-out Pattern
SNS works exceptionally well for the use-case of sending a message to many subscribers. This pattern is called Fan-out.
This is also the major difference to SQS, as SQS only has one consumer per message (excluding the cases where reprocessing is happening due to errors).
IAM & Message Encryption
As with other AWS services, SNS is fully integrated with IAM. This means you can control access to your topics via topic policies.
You can also encrypt your data in SNS. You need to encrypt the message in two places, in transit and at rest.
- In-Transit refers to the transportation layer. The HTTPS protocol and an SSL certificate encrypt your message in transit.
- Encryption at rest refers to the actual encryption on the disk on the server. You can activate this in SNS.
SNS handles the whole encryption process on the server side. You can either use a key of AWS's own Key Service (KMS) or provide a custom one. This will encrypt all sensitive data in your message.
Standard vs. FIFO Topics
In SNS you can choose two different types of topics.
- Standard: No message ordering guarantees, but higher throughput. This means SNS can send your messages in a different order than they came in.
- FIFO: Lower throughput but following a first-in, first-out approach.
β
Message Filtering
Message filtering allows you to send only a subset of messages to subscribers. You can assign filter policies that check the message for certain attributes. If a message meets these policies, SNS sends it to the subscriber. This allows a flexible routing mechanism.
The filter policy can be applied both to Message Attributes and the Message Body.
In the example, we're filtering based on the message payload isBlogPost. Some of our subscribers are ignoring messages that have this field set to true, while all of them are listening to messages that have the field set to false.
Retries
For each delivery protocol, SNS defines a delivery policy. With this protocol, you can define how retries are happening. Retries will only happen on server-side errors.
Compared to SQS, SNS is not aware of errors happening inside of your Lambda function.
SNS only cares about sending out your messages. That means once your message is out it is successfully processed by SNS.
If your Lambda function fails to work on the message the delivery protocol will not be aware of that. SNS calls your Lambda function asynchronously. We highlight this because this is very often misunderstood.
A common server-side error is a missing IAM policy. If your topic isnβt allowed to call a Lambda function a server-side error will occur.
Another error would be if the Lambda API is down but this doesnβt happen very often (fortunately).
With the delivery protocol, you can then define retries.
Pricing
SNS is a serverless service. You donβt have any fees if you donβt use it. The charges are completely usage-based.
- 1 Million Requests: $0.50
- 100k Notifications via HTTP: $0.06
- 100k E-Mails: $2.00
Free Tier: The free tier covers 1 million requests, 100k notifications, 100 SMS, and 1000 notifications via email every month.
Final Words
SNS is an amazing service to build high-throughput, customer-facing applications. The ability to use application and personal endpoints are amazing in SNS.
That's it for today. We hope you've enjoyed this issue!
See you in two weeks!
Sandro & Tobi π
P.S.: there can be 12,500,00 subscribers per topic! π₯
β
... beyond AWS Fundamentals
This week, we want to give a huge shout-out to Allen Helton. Watching Allen's story unfoldβfrom becoming an AWS Community Builder and AWS Hero to joining the amazing Momento teamβhas been amazing.
Allen shares a lot of content through his newsletter, blog, and podcast. He is always happy to assist you if you need help with anything cloud-related. Thanks, Allen!
Still hungry for AWS content? Have a look at our blog! π β
AWS for the Real World
Join our community of over 9,300 readers delving into AWS. We highlight real-world best practices through easy-to-understand visualizations and one-pagers. Expect a fresh newsletter edition every two weeks.
AWS FOR THE REAL WORLD β±οΈ Reading time: 6 minutes π― Main Learning: Understanding Amazon Aurora DSQL pricing structure including DPUs, storage costs, and free tier π Blog Post π₯ YouTube Video Hey Reader ππ½in December 2024 AWS announced the preview of the serverless database DSQL and just in May it was generally available. With the announcement of the general availability, the pricing was also announced. The pricing is not super straightforward, so let's dive into it. Click to watch this video...
AWS FOR THE REAL WORLD β±οΈ Reading time: 8 minutes π― Main Learning: Building & Testing Lambda@Edge Functions with LocalStack π Blog Post Hey Reader ππ½we hope you have a great week! End of last year the CDN Edgeio was deprecated. Tobi's client company used it and the only thing that saved his day was CloudFront and Lambda@Edge Functions. But we realized that testing them and executing them locally is a pain. When we started to look for a solution we found Localstack - let's see how we can use...
AWS FOR THE REAL WORLD β±οΈ Reading time: 8 minutes π― Main Learning: Migrating from Edgio to CloudFront π Blog Post π» GitHub Repository Hey Reader ππ½After a busy week in Prague, both Tobi and I (Sandro) delivered our talks and we got quite some good feedback! We will share them in a separate newsletter soon.But this newsletter is all about accessing S3 within a VPC via Gateway endpoints vs. Internet routing. We know these networking issues are not the fanciest onces (looking at you AI) but...