AWS SNS Integration
Track message publish rates, delivery failures, and subscription health across SNS topics. Fan-out topology visibility with AI anomaly detection for delivery failures and retry storms.
How It Works
Deploy CloudFormation Stack
Launch the TigerOps CloudFormation template to configure CloudWatch Metric Streams for the AWS/SNS namespace and create the IAM role with read permissions.
Enable SNS Delivery Logging
Configure SNS delivery status logging for HTTP/S, Lambda, and SQS subscriptions. TigerOps ingests the delivery logs from CloudWatch to provide per-subscription failure details.
Map Topics to Services
TigerOps reads SNS topic tags to map each topic to the owning team and service. Per-topic dashboards are auto-generated so each team has instant visibility into their notification flows.
Configure Delivery SLA Alerts
Set delivery failure rate thresholds and notification age alerts per topic. TigerOps fires alerts when delivery failures exceed your SLA and escalates if delivery logs show repeated retries.
What You Get Out of the Box
Publish Rate Monitoring
Messages published per topic per second with historical trend analysis. TigerOps surfaces anomalous publish rate spikes that may indicate runaway producers or retry storms.
Delivery Failure Tracking
Per-subscription delivery failure counts broken down by failure reason (endpoint unreachable, throttled, invalid response). TigerOps alerts and links failures to the specific subscription endpoint.
Subscription Health
Pending subscription confirmations, failed HTTP endpoint deliveries, and Lambda invocation errors per subscription. TigerOps highlights subscriptions with persistent delivery failures.
Dead Letter Queue Integration
When SNS is configured with a DLQ for failed deliveries, TigerOps monitors DLQ depth alongside publish rates to give you a complete picture of undelivered message accumulation.
Cross-Service Fan-Out Visibility
SNS fan-out topologies often have one topic feeding many SQS queues and Lambdas. TigerOps maps the full fan-out graph and shows the health of each downstream subscriber in one view.
AI Delivery Anomaly Detection
TigerOps AI baselines delivery success rates per topic and subscription, and alerts on statistically unusual failure patterns that static thresholds miss — including transient delivery blips.
SNS Delivery Logging Setup
Enable delivery status logging on SNS topics and deploy the TigerOps integration stack.
# Enable SNS delivery status logging for Lambda subscriptions
aws sns set-topic-attributes \
--topic-arn arn:aws:sns:us-east-1:123456789:my-topic \
--attribute-name LambdaSuccessFeedbackRoleArn \
--attribute-value arn:aws:iam::123456789:role/sns-delivery-logging-role
aws sns set-topic-attributes \
--topic-arn arn:aws:sns:us-east-1:123456789:my-topic \
--attribute-name LambdaFailureFeedbackRoleArn \
--attribute-value arn:aws:iam::123456789:role/sns-delivery-logging-role
aws sns set-topic-attributes \
--topic-arn arn:aws:sns:us-east-1:123456789:my-topic \
--attribute-name LambdaSuccessFeedbackSampleRate \
--attribute-value 100
# Enable for SQS subscriptions
aws sns set-topic-attributes \
--topic-arn arn:aws:sns:us-east-1:123456789:my-topic \
--attribute-name SQSFailureFeedbackRoleArn \
--attribute-value arn:aws:iam::123456789:role/sns-delivery-logging-role
# Deploy TigerOps SNS monitoring stack
aws cloudformation deploy \
--template-url https://tigerops-cfn.s3.amazonaws.com/sns-integration.yaml \
--stack-name tigerops-sns \
--capabilities CAPABILITY_IAM \
--parameter-overrides TigerOpsApiKey=${TIGEROPS_API_KEY}Common Questions
What SNS subscription types does TigerOps monitor?
TigerOps monitors delivery metrics for HTTP/S, AWS Lambda, Amazon SQS, Amazon Kinesis Data Firehose, and email/email-JSON subscriptions. Delivery status logging must be enabled per protocol on each topic for per-subscription failure details.
How do I enable SNS delivery status logging?
SNS delivery status logging is configured per protocol on each topic. You provide an IAM role that allows SNS to write to CloudWatch Logs. TigerOps can automate this via the CloudFormation stack for all topics in your account.
Can TigerOps alert when SNS message delivery is failing for a specific endpoint?
Yes. TigerOps parses SNS delivery status logs from CloudWatch and can alert when a specific HTTP endpoint or Lambda ARN has a delivery failure rate above your configured threshold for a sustained period.
How does TigerOps handle SNS FIFO topics?
SNS FIFO topic metrics (NumberOfMessagesPublished, NumberOfNotificationsDelivered, etc.) are ingested the same way as standard topics. TigerOps also tracks MessageGroupId distribution to identify hotspot message groups.
Can TigerOps help diagnose an SNS to SQS delivery failure?
Yes. TigerOps correlates SNS delivery failure events for SQS subscriptions with the corresponding SQS queue metrics. When an SNS delivery failure coincides with an SQS queue access policy error, TigerOps surfaces both signals together in the incident.
Never Miss a Silently Failing SNS Delivery
Publish rate monitoring, delivery failure alerts, and fan-out visibility. Connect your SNS topics in minutes.