By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

MTLS support for Amazon SNS

0

Now do you have support of MTLS for SNS? I am using Twilio to send sms to my end user. as of now they have provided their rest end point which we call to send message and they send sms to end user. I want to integrate now with SNS. I want to know does SNS provide any rest end point which we can use or it only provide SDK? in my company it is mandatory to US MTLS for authentication to call to any third party? do you support MTLS for bidirectional communication . suppose if we use your SDK can we customize it to use mtls. by default it uses tls. also if we consume your rest end point will you support MTLS? we will share our certificate when proper integration will happen?

Topics
Security, Identity, & ComplianceApplication IntegrationMicroservices
Tags
Security, Identity, & ComplianceAmazon Simple Notification Service (SNS)MicroservicesAWS Academy
Language
English
Rohit
asked 3 months ago178 views
1 Answer
2

SNS does not support mTLS natively. However, you can use a REST API in API Gateway in front of it, i.e.: Application -> API Gateway -> SNS. You can use mTLS for Application to API Gateway, and an IAM role for API Gateway -> SNS. When using an IAM role directly (i.e. Application -> SNS), all requests are authenticated and authorized. It's not mTLS, though. See also Identity and access management in Amazon SNS for more details.

profile pictureAWS
Michael
answered 3 months ago
  • Rohit
    3 months ago

    Thanks Michael, Actually We have our own API Gateway....so my microservice sends request to my APIGW then as of now it sends to Twilio. so instead of Twilio We want to replace it with SNS. so as per your explanation if I understand correctly you are saying my APIGW should call to your APIGW service using MTLS and from your APIGW to SNS communication will go via TLS(Not MTLS) only? also I want to understand does SNS send sms to aggregator or mobile operator? also just to make sure my services are hosted in PCF and we want to use SNS only. so as per your explanation we will have to use your APIGW service as well? will that work without using your APIGW? also could you please share some technical point of contact so that we can understand end to end? I am looking it for broader organization level. my ID is rohitorientalbpl@gmail.com . if you can share some detail or Point of contact that will be really helpful.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content