[AWS] 12-2. Decoupling application: SNS, SNS+SQS (Fan Out)
[ Amazon SNS ]
Send one message to many receivers
- The "event producer" only sends messages to one SNS topic
- As many "event receivers" (subscriptions) as we want can listen to the SNS topic notifications
- Each subscriber to the topic will get all the messages (note: new feature to filter messages)
- Up to 10,000,000 subscriptions per topic
- 100,000 topics limit
- Subscribers can be
1) SQS
2) HTTP/HTTPS (with delivery retries - how many times)
3) Lambda
4) Emails
5) SMS messages
6) Mobile Notifications
1. SNS integrates with a lot of AWS services
- Many AWS services can send data directly to SNS for notifications
- CloudWatch (for alarms)
- Auto Scaling Groups notifications
- Amazon S3 (on bucket events)
- CloudFormation (upon state changes => failed to build, etc)
2. How to publish
- Topic publish (using the SDK)
1) Create a topic
2) Create a subscription
3) Publish to the topic
- Direct Publish (for mobile apps SDK)
1) Create a platform application
2) Create a platform endpoint
3) Publish to the platform endpoint
4) Works with Google GCM, Apple APNS, Amazon ADM
3. Security
- Encryption :
In-flight encryption using HTTPS API
At-rest encryption using KMS keys
Client-side encryption if the client wants to perform encryption/decryption itself
- Access Controls : IAM policies to regulate access to the SNS API
- SNS Access Policies (similar to S3 bucket policies)
Useful for cross-account access to SNS topics
Useful for allowing other services (S3..) to write to an SNS topic
[ SNS + SQS : Fan Out ]
A pattern in which a message is pushed to SNS and the multiple SQS queues subscribed to the topic each pick up the message
- Push once in SNS, receive in all SQS queues that are subscribers
- Fully decoupled, no data loss
- SQS allows for : data persistence, delayed processing and retries of work
- Ability to add more SQS subscribers over time
- Make sure your SQS queue access policy allows for SNS to write
* SNS cannot send messages to SQS FIFO queues (AWS limitation)
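The queue access policy requirement above can be checked mechanically. This added example (not part of the original notes) classifies an SQS queue policy by whether SNS delivery is limited to the intended topic through `aws:SourceArn`; the function names, ARNs and account ID are constructed for illustration.

```python
SNS_SERVICE = "sns.amazonaws.com"
SEND_ACTIONS = {"sqs:sendmessage", "sqs:*", "*"}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _sns_can_use(principal):
    """True if the Principal element covers the SNS service (or everyone)."""
    if principal == "*":
        return True
    if not isinstance(principal, dict):
        return False
    return (SNS_SERVICE in _as_list(principal.get("Service", []))
            or "*" in _as_list(principal.get("AWS", [])))

def _source_arns(condition):
    """Collect aws:SourceArn values from ArnEquals / ArnLike blocks."""
    arns = []
    for operator in ("ArnEquals", "ArnLike"):
        for key, value in condition.get(operator, {}).items():
            if key.lower() == "aws:sourcearn":  # condition keys are case-insensitive
                arns.extend(_as_list(value))
    return arns

def check_queue_policy(policy, topic_arn):
    """Return 'open', 'scoped' or 'missing' for SNS delivery to this queue."""
    verdict = "missing"
    for stmt in _as_list(policy.get("Statement", [])):
        actions = {a.lower() for a in _as_list(stmt.get("Action", []))}
        if (stmt.get("Effect") != "Allow" or not actions & SEND_ACTIONS
                or not _sns_can_use(stmt.get("Principal"))):
            continue
        arns = _source_arns(stmt.get("Condition", {}))
        if not arns or any("*" in arn for arn in arns):
            return "open"       # any topic, in any account, could write here
        if topic_arn in arns:
            verdict = "scoped"  # delivery limited to the intended topic
    return verdict

# Constructed sample values (placeholder account ID and resource names).
TOPIC = "arn:aws:sns:us-east-1:111122223333:orders-topic"
QUEUE = "arn:aws:sqs:us-east-1:111122223333:orders-queue"

def sample_policy(condition=None):
    stmt = {"Effect": "Allow", "Principal": {"Service": SNS_SERVICE},
            "Action": "sqs:SendMessage", "Resource": QUEUE}
    if condition:
        stmt["Condition"] = condition
    return {"Version": "2012-10-17", "Statement": [stmt]}
```

A result of `open` means the allowing statement has no `aws:SourceArn` restriction (or a wildcard one); conditions on other keys are not evaluated by this check.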
# S3 Events to multiple queues
- For the same combination of event type (e.g. object create) and prefix (e.g. images/), you can only have one S3 Event rule
- If you want to send the same S3 event to many SQS queues, use fan-out