First SNS Topic
Pub-sub.
Setup
The first SNS topic moves fan-out from theory to production. Create the topic, subscribe endpoints, confirm the HTTP/S ones; the topic ARN is what every downstream config references.
- create-topic. Create the topic by name from the AWS Console or CLI; the call returns the topic ARN, which every downstream config references.
- Subscriptions. Subscribe email, SMS, Lambda, SQS, HTTP/S, or mobile-push endpoints; each subscription sets the delivery channel for that subscriber.
- Confirmation. Each HTTP/S subscriber receives a confirmation message; without confirmation, SNS will not deliver.
- Per-topic IAM. Each topic carries its own publish/subscribe policy, in line with modern security practice; cross-account access is controlled here.
Publishing
Publishing is where the fan-out happens. Subject, body, attributes; the attributes are what make filtering possible later, so populate them at publish time even if no filter exists yet.
- Publish with topic ARN, subject, body. SNS fans out to every subscriber; each publish is a broadcast.
- Message attributes for filtering. Structured attributes set on each message; subscribers receive only matching messages.
- Multi-region replication. SNS delivers to an SQS queue in another region; this is the cross-region fan-out pattern.
- FIFO topics for ordering. A FIFO topic gives strict ordering; the right shape when order matters.
Subscription filters
Filters turn one shared topic into N targeted feeds. Subscribers are invoked only for relevant messages, which keeps Lambda cost down and SQS queues lean.
- Per-subscription filter policy. JSON-pattern matching on message attributes; each subscriber's filter is scoped to its own subscription.
- Reduces unnecessary processing. Only matching messages invoke a subscriber; supports cost discipline.
- Common pattern. A shared topic with team-specific filters, one per team; this fits multi-tenant fan-out.
- Per-filter audit. Review each filter every quarter; catches drift between intended and actual filter behaviour.
Operating
SNS is mostly fire-and-forget, but operating it well still requires monitoring delivery success and pruning unused subscriptions. Without operational discipline, dead subscribers accumulate and DLQs fill silently.
- Per-topic monitoring. Track the published message rate for the topic and delivery success for each subscription; supports investigation.
- Failed deliveries to DLQ. Attach a dead-letter queue to each subscription; supports recovery from delivery failures.
- Quarterly subscription audit. Each quarter, review whether every subscription is still needed; catches drift before it becomes cost.
- Per-topic IAM policy review. Each quarter, review the publish/subscribe policy so that it matches the access reality of the moment.
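
The per-topic policy review described above, sketched as an added example (not code from this page or from AWS): it reads a topic policy document and lists the Allow statements a reviewer should look at, namely wildcard principals with no Condition and principals from another account. The policy, account IDs and topic ARN are constructed placeholders, and `audit_topic_policy` is a hypothetical helper name.

```python
import json

# Constructed sample topic policy; account IDs and the topic ARN are placeholders.
TOPIC = "arn:aws:sns:us-east-1:111111111111:orders"
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "OwnerPublish", "Effect": "Allow", "Resource": TOPIC,
     "Principal": {"AWS": "arn:aws:iam::111111111111:root"},
     "Action": "SNS:Publish"},
    {"Sid": "PartnerSubscribe", "Effect": "Allow", "Resource": TOPIC,
     "Principal": {"AWS": "arn:aws:iam::222222222222:root"},
     "Action": ["SNS:Subscribe", "SNS:Receive"]},
    {"Sid": "OpenPublish", "Effect": "Allow", "Resource": TOPIC,
     "Principal": "*", "Action": "SNS:Publish"},
    {"Sid": "ScopedWildcard", "Effect": "Allow", "Resource": TOPIC,
     "Principal": {"AWS": "*"}, "Action": "SNS:Subscribe",
     "Condition": {"StringEquals": {"aws:SourceOwner": "111111111111"}}},
]})

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _aws_principals(stmt):
    """AWS principals of a statement; service principals are out of scope here."""
    principal = stmt.get("Principal", {})
    if principal == "*":
        return ["*"]
    return _as_list(principal.get("AWS", []))

def audit_topic_policy(policy_json, owner_account):
    """Return (sid, finding) pairs for Allow statements a reviewer should look at."""
    findings = []
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        for principal in _aws_principals(stmt):
            if principal == "*":
                # A wildcard with a Condition is not flagged; the Condition still needs reading.
                if not stmt.get("Condition"):
                    findings.append((sid, "any principal, no Condition"))
                continue
            account = principal.split(":")[4] if principal.startswith("arn:") else principal
            if account != owner_account:
                findings.append((sid, f"cross-account access: {account}"))
    return findings

if __name__ == "__main__":
    for sid, finding in audit_topic_policy(SAMPLE_POLICY, "111111111111"):
        print(f"{sid}: {finding}")
```

On a live topic the policy document is the Policy attribute returned by `aws sns get-topic-attributes`.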