# Amazon SNS
Amazon Simple Notification Service (SNS) (opens new window) is a fully managed messaging service for both application-to-application and application-to-person communication. It uses a simplified Pub/Sub paradigm to connect distributed systems, microservices, and node applications.
# API version
This connector uses the Amazon SNS API (opens new window).
# How to connect to Amazon SNS on Workato
To connect to your Amazon SNS instance, you will need the AWS IAM role or the AWS IAM user Access key ID and secret.
USE THE AWS IAM ROLE
We recommend using the AWS IAM role.
The AWS IAM role uses temporary credentials making this method secure and not requiring additional management compared to the AWS IAM user which uses permanent credentials that can be leaked and that have to be rotated by the user.
# Connection fields
Connection name
Provide a unique name for this connection to identify the Amazon SNS instance it connects to.
Authentication type
Choose either IAM Role auth (recommended) or Access key auth.
Authentication details
Configure the authentication details based on your chosen Authentication type.
IAM role ARN
(For IAM Role auth)
Enter the Amazon Resource Name (ARN) of the AWS IAM role. Example syntax:arn:aws:iam::account_id:role/role-name-with-path.Access Key ID
(For Access key auth)
Enter the IAM user access key ID.Secret Access Key
(For Access key auth)
Enter the secret associated with the access key ID.
Region
Specify the region of your AWS SNS instance.
# Create IAM role and ARN retrieval
Refer to the IAM role-based authentication for AWS page for instructions on how to create an IAM role for Workato and retrieve your Amazon resource name (ARN).
# How to create integration system role
You can create an integration system role to ensure that permissions are consistent and that all operations can be logged on a single account.
# How to create integration system user
To create a new ISU and obtain the Access key ID and secret access key:
Navigate to Identity and Access Management (IAM) on your AWS console. Select Users from the left panel. Click Add user.
Create IAM user
Set the username. Ensure that Programmatic access is selected.
Set username
In the Add permissions view do not select any policy, we will configure permissions and polices in a later step. Click Next.
Skip setting permissions
Provide information for Tags as needed and review the configuration for this IAM user.
This user has no permissions
Disregard the warning that this user has no permissions, as we will be configuring permissions and policies in a later step.
Next, save a copy of the Access key ID and Secret access key. This will be needed to connect to Workato.
Save access key credentials
Navigate to Identity and Access Management (IAM) on your AWS console. Select Users from the left panel. Find the user that you have created and click on it. Click Add inline policy.
Update IAM user policy
Adding permission for ISU
In the Create policy view select JSON tab and copy-paste the below IAM policy template. Click Review policy.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Action": [
"iam:GetUser",
"sns:ListTopics",
"sns:Subscribe",
"sns:Unsubscribe",
"sns:SetSubscriptionAttributes",
"sns:Publish"
],
"Resource": "*"
}
]
}
Review IAM user policy
In the Review policy view define a descriptive name for the policy (e.g. workato_isu-sns_connector). Click Create policy. User is ready, use credentials saved in the step 4 in Workato SNS connector configuration.
Create policy
Last updated: 7/30/2024, 4:28:20 PM