Skip to main content

AWS - SNS

This Integration is part of the AWS - SNS Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.5.0 and later.

Amazon Web Services Simple Notification Service (SNS)

For more information regarding the AWS SNS service, please visit the official documentation found here.

For detailed instructions about setting up authentication, see: AWS Integrations - Authentication.

Configure AWS - SNS on Cortex XSOAR#

  1. Navigate to Settings > Integrations > Servers & Services.

  2. Search for AWS - SNS.

  3. Click Add instance to create and configure a new integration instance.

    ParameterDescriptionRequired
    AWS Default RegionTrue
    Role ArnWhen using Access Key and Secret Key, there is no need to use Role ArnFalse
    Role Session NameFalse
    Access KeyTrue
    Secret KeyTrue
    Role Session DurationFalse
    TimeoutThe time in seconds till a timeout exception is reached. You can specify just the read timeout (for example 60) or also the connect timeout followed after a comma (for example 60,10). If a connect timeout is not specified, a default of 10 second will be used.False
    RetriesThe maximum number of retry attempts when connection or throttling errors are encountered. Set to 0 to disable retries. The default value is 5 and the limit is 10. Note: Increasing the number of retries will increase the execution time.False
    AWS STS Regional EndpointsSets the AWS_STS_REGIONAL_ENDPOINTS environment variable to specify the AWS STS endpoint resolution logic. By default, this option is set to “legacy” in AWS. Leave empty if the environment variable is already set using server configuration.False
    Use system proxy settingsFalse
    Trust any certificate (not secure)False
  4. Click Test to validate the URLs, token, and connection.

Commands#

You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

aws-sns-create-subscription#


Subscribes an endpoint to an Amazon SNS topic. If the endpoint type is HTTP/S or email, or if the endpoint and the topic are not in the same Amazon Web Services account, the endpoint owner must run the ConfirmSubscription action to confirm the subscription.

Base Command#

aws-sns-create-subscription

Input#

Argument NameDescriptionRequired
topicArnThe ARN of the topic you want to subscribe to.Required
protocolThe protocol that you want to use. Possible values are: http, https, email, email-json, sms, sqs, application, lambda, firehose.Required
endpointThe endpoint that you want to receive notifications.Optional
returnSubscriptionArnSets whether the response from the Subscribe request includes the subscription ARN, even if the subscription is not yet confirmed. Possible values are: True, False.Optional
deliveryPolicyThe policy that defines how Amazon SNS retries failed deliveries to HTTP/S endpoints.Optional
filterPolicyThe simple JSON object that lets your subscriber receive only a subset of messages, rather than receiving every message published to the topic.Optional
rawMessageDeliveryWhen set to true , enables raw message delivery to Amazon SQS or HTTP/S endpoints. Possible values are: True, False.Optional
redrivePolicyWhen specified, sends undeliverable messages to the specified Amazon SQS dead-letter queue.Optional
subscriptionRoleArnThe ARN of the IAM role that has the following: 1. Permission to write to the Kinesis Data Firehose delivery stream 2. Amazon SNS listed as a trusted entity.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output#

PathTypeDescription
AWS.SNS.Subscriptions.SubscriptionArnstringThe Subscription Arn

Command Example#

Human Readable Output#

aws-sns-list-topics#


Returns a list of the requester's topics.

Base Command#

aws-sns-list-topics

Input#

Argument NameDescriptionRequired
nextTokenToken returned by the previous ListTopics request.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output#

PathTypeDescription
AWS.SNS.Topics.TopicArnstringThe Topic ARN

Command Example#

Human Readable Output#

aws-sns-send-message#


Sends a message to an Amazon SNS topic, a text message (SMS message) directly to a phone number, or a message to a mobile platform endpoint (when you specify the TargetArn ).

Base Command#

aws-sns-send-message

Input#

Argument NameDescriptionRequired
topicArnThe topic you want to publish to. If you don't specify a value for the TopicArn parameter, you must specify a value for the PhoneNumber or TargetArn parameters.Optional
targetArnIf you don't specify a value for the TargetArn parameter, you must specify a value for the PhoneNumber or TopicArn parameters.Optional
phoneNumberThe phone number to which you want to deliver an SMS message. Use E.164 format.Optional
messageThe message you want to send.Required
subjectOptional parameter to be used as the "Subject" line when the message is delivered to email endpoints.Optional
messageStructureSet MessageStructure to json if you want to send a different message for each protocol.Optional
messageDeduplicationIdThis parameter applies only to FIFO (first-in-first-out) topics.Optional
messageGroupIdThis parameter applies only to FIFO (first-in-first-out) topics.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output#

PathTypeDescription
AWS.SNS.SentMessagesstringUnique identifier assigned to the published message.

Command Example#

Human Readable Output#

aws-sns-create-topic#


Creates a new a topic to which notifications can be published. You can specify the attribute to create FIFO topic.

Base Command#

aws-sns-create-topic

Input#

Argument NameDescriptionRequired
topicNameThe name of the new topic.Required
deliveryPolicyThe policy that defines how Amazon SNS retries failed deliveries to HTTP/S endpoints.Optional
displayNameThe display name to use for a topic with SMS subscriptions.Optional
fifoTopicSet to true to create a FIFO topic. Possible values are: true, false.Optional
policyThe policy that defines who can access your topic. By default, only the topic owner can publish or subscribe to the topic.Optional
kmsMasterKeyIdThe ID of an Amazon Web Services managed customer master key (CMK) for Amazon SNS or a custom CMK.Optional
contentBasedDeduplicationEnables content-based deduplication. Possible values are: True, False.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output#

PathTypeDescription
AWS.SNS.Topic.TopicArnunknownThe ARN of the created Amazon SNS topic.

Command Example#

Human Readable Output#

aws-sns-delete-topic#


Deletes a topic and all its subscriptions.

Base Command#

aws-sns-delete-topic

Input#

Argument NameDescriptionRequired
topicArnThe ARN of the topic you want to delete.Required
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output#

There is no context output for this command.

Command Example#

Human Readable Output#

aws-sns-list-subscriptions-by-topic#


Returns a list of the subscriptions to a specific topic. Each call returns a limited list of subscriptions, up to 100.

Base Command#

aws-sns-list-subscriptions-by-topic

Input#

Argument NameDescriptionRequired
topicArnThe ARN of the topic for which you wish to find subscriptions.Required
nextTokenToken returned by the previous ListTopics request.Optional
regionThe AWS Region, if not specified the default region will be used.Optional
roleArnThe Amazon Resource Name (ARN) of the role to assume.Optional
roleSessionNameAn identifier for the assumed role session.Optional
roleSessionDurationThe duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role.Optional

Context Output#

PathTypeDescription
AWS.SNS.Subscriptions.SubscriptionArnunknownThe Subscription Arn

Command Example#

Human Readable Output#