Lab: SNS → SQS Fanout
Part A — Create SNS Topic (Standard)
1) Open SNS
- AWS Console search bar → type SNS
- Click Simple Notification Service
2) Create Topic
- Left menu → Topics
- Click Create topic
3) Configure Topic
- Type → select Standard
-
Name →
devops-sns-topic - Leave everything else default
- Click Create topic
4) Copy Topic ARN
- On topic page → copy ARN
- Save it:
SNS_TOPIC_ARN = arn:aws:sns:us-east-2:021399177326:devops-sns-topic
Part B — Create SQS Queue (Standard)
5) Open SQS
- AWS Console search bar → type SQS
- Click Simple Queue Service
6) Create Queue
- Click Create queue
7) Configure Queue
- Type → select Standard
-
Name →
devops-sqs-queue - Keep defaults for all Configuration fields
- Encryption → leave default (your queue shows SSE-SQS enabled by AWS-managed key — that’s fine)
- Access policy → leave default (owner-only)
- DLQ / Redrive → leave disabled
- Click Create queue
8) Copy Queue ARN + URL
- Open the queue: click devops-sqs-queue
- Copy ARN and URL
- Save them:
SQS_QUEUE_ARN = arn:aws:sqs:us-east-2:021399177326:devops-sqs-queueSQS_QUEUE_URL = https://sqs.us-east-2.amazonaws.com/021399177326/devops-sqs-queue
Part C — Subscribe SQS to SNS
9) Go to SNS Topic
- Go back to SNS
- Click Topics
- Click devops-sns-topic
10) Create Subscription
- Scroll to Subscriptions
- Click Create subscription
11) Subscription Settings
- Topic ARN should already be filled
- Protocol → select Amazon SQS
- Endpoint → paste your queue ARN:
arn:aws:sqs:us-east-2:021399177326:devops-sqs-queue
- Click Create subscription
✅ After this you should see:
- Subscriptions (1)
- Protocol: Amazon SQS
- Status: usually Confirmed
Part D — Allow SNS to Send Messages into SQS (Required)
If you skip this, messages often do not arrive.
12) Open SQS Queue Permissions
- Go to SQS
- Click Queues
- Click devops-sqs-queue
13) Edit Access Policy
- Scroll to Access policy
- Click Edit
- Choose Advanced (JSON)
14) Paste Policy (Use your real ARNs)
- Replace the policy with this (exact values you have):
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Allow-SNS-SendMessage",
"Effect": "Allow",
"Principal": { "Service": "sns.amazonaws.com" },
"Action": "sqs:SendMessage",
"Resource": "arn:aws:sqs:us-east-2:021399177326:devops-sqs-queue",
"Condition": {
"ArnEquals": {
"aws:SourceArn": "arn:aws:sns:us-east-2:021399177326:devops-sns-topic"
}
}
}
]
}
- Click Save changes
Part E — Publish Message to SNS
15) Open SNS Topic Again
- Go to SNS → Topics
- Click devops-sns-topic
16) Publish Message
- Click Publish message
- Subject (optional):
test-message - Message body:
Hello students!
SNS published this message.
SQS will store it until consumer reads it.
- Click Publish message
Part F — Receive Message from SQS
17) Open Queue to Read Messages
- Go to SQS → Queues
- Click devops-sqs-queue
18) Poll for Messages
- Click Send and receive messages
- Click Poll for messages
- You should see the message appear
19) View Message Body
- Click the message
- Expand details
- You will see SNS wraps the message in JSON (this is normal)
20) Delete Message
- Select the message checkbox
- Click Delete
- Confirm Delete
What Students Must Learn (Short)
SNS (Topic)
- “I publish 1 message”
- “Many systems can receive it” (fanout)
SQS (Queue)
- “I store messages safely”
- “Consumer can read later”
- Prevents loss if consumer is down
Together
- Producer and consumer are decoupled
- More reliable and scalable systems
Quick Troubleshooting (Fast Checks)
- No messages in SQS
- Confirm you added SQS Access policy allowing SNS
- Confirm topic ARN in policy matches exactly
- Confirm SNS + SQS are in same region (us-east-2)
- Subscription exists but still nothing
- Open subscription → verify it points to correct queue ARN
- Republish message
- Poll again
Cleanup (Optional)
- SNS Topic → Subscriptions → delete subscription
- Delete SNS topic
- Delete SQS queue
Top comments (0)