SMS is not getting delivered in AWS SNS service - amazon-web-services

I have been trying to publish an SMS from the AWS SNS console. It shows a success result, but the message is not getting delivered.
Every request was noted as a failure in the console.
The response when I publish a text message:
SMS message published to phone number +91XXXXXXXXXX successfully.
Message "ID": e3d2bc39-2792-5b2e-adcc-e4733a800795

I was facing the same issue and found that I need to generate a support ticket to use SNS SMS.
Below is the link for generating a support ticket; explain your use case for SNS SMS.
SNS support ticket link

You can activate Delivery status logging.
From Viewing Amazon CloudWatch metrics and logs for SMS deliveries - Amazon Simple Notification Service:
On the Text messaging (SMS) page, in the Text messaging preferences section, choose Edit.
On the Edit text messaging preferences page, in the Delivery status logging section, do the following:
- Sample rate: 100%
- Service role: Create a new service role (or choose an existing one if it is there)
You can then send an SMS direct from the Text message (SMS) page. It will show a Delivery Statistics graph to indicate success/failure.
Also, for each message, there will be a log entry in Amazon CloudWatch Logs (go to CloudWatch / Logs / then choose the SNS log). It will look similar to this:
{
  "notification": {
    "messageId": "xxx",
    "timestamp": "2020-12-09 08:40:19.536"
  },
  "delivery": {
    "phoneCarrier": "Optus Mobile Pty Ltd",
    "mnc": 2,
    "numberOfMessageParts": 1,
    "destination": "+61455555555",
    "priceInUSD": 0.03809,
    "smsType": "Promotional",
    "mcc": 505,
    "providerResponse": "Message has been accepted by phone carrier",
    "dwellTimeMs": 524,
    "dwellTimeMsUntilDeviceAck": 2453
  },
  "status": "SUCCESS"
}
This log will give you the most detail of whether an SMS was sent to the phone carrier, so that you can determine where it might be failing.
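
One way to triage a batch of these delivery status records, as an added example that is not part of the original answer. The sample lines are constructed in the shape of the entry above, and the `SLOW_ACK_MS` threshold and verdict names are assumptions made for illustration.

```python
import json
from collections import Counter

# Constructed sample records (made-up IDs and numbers); the last line is deliberately truncated.
SAMPLE_LOG_LINES = [
    '{"notification": {"messageId": "m-1"}, "delivery": {"destination": "+61455555555",'
    ' "providerResponse": "Message has been accepted by phone carrier",'
    ' "dwellTimeMs": 524, "dwellTimeMsUntilDeviceAck": 2453}, "status": "SUCCESS"}',
    '{"notification": {"messageId": "m-2"}, "delivery": {"destination": "+61455555556",'
    ' "providerResponse": "The delivery TTL has expired",'
    ' "dwellTimeMs": 149, "dwellTimeMsUntilDeviceAck": 6310648}, "status": "FAILURE"}',
    '{"notification": {"messageId": "m-3"}, "delivery": {"destination": "+61455555557",'
    ' "providerResponse": "Message has been accepted by phone carrier",'
    ' "dwellTimeMs": 381}, "status": "SUCCESS"}',
    '{"notification": {"messageId": "m-4"}, "delivery": {"dest',
]
SLOW_ACK_MS = 60_000  # assumed threshold for a late device acknowledgement

def mask(number, keep=4):
    """Hide all but the last digits so phone numbers do not spread into reports."""
    return "*" * max(len(number) - keep, 0) + number[-keep:]

def triage(lines, slow_ack_ms=SLOW_ACK_MS):
    """Return (verdict, messageId, masked destination, providerResponse) per line."""
    results = []
    for line in lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            results.append(("UNPARSEABLE", None, None, None))
            continue
        delivery = rec.get("delivery", {})
        ack = delivery.get("dwellTimeMsUntilDeviceAck")
        if rec.get("status") != "SUCCESS":
            verdict = "FAILED"         # read providerResponse for the reason
        elif ack is None:
            verdict = "NO_DEVICE_ACK"  # status SUCCESS but the ack field is absent
        elif ack > slow_ack_ms:
            verdict = "SLOW_ACK"
        else:
            verdict = "OK"
        msg_id = rec.get("notification", {}).get("messageId")
        results.append((verdict, msg_id, mask(delivery.get("destination", "")),
                        delivery.get("providerResponse")))
    return results

def failure_reasons(lines):
    """Count providerResponse values of failed messages to spot a dominant cause."""
    return Counter(r[3] for r in triage(lines) if r[0] == "FAILED")
```

Feed it the lines exported from the SNS log group; a single dominant entry in `failure_reasons` usually tells you whether the problem sits with the account, the carrier or the destination.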

Related

GCS Notifications not shown in Pub/Sub Topic message

We have a GCS bucket named 'testfiles' and Pub/Sub topic 'testtopic' with a subscription 'testsubscription'. We have created a notification configuration to receive notifications on the Pub/Sub topic for any event happening on the GCS bucket. When we run the following command to list the notifications on the bucket,
gcloud storage buckets notifications list gs://testfiles
we see the below output,
{
  "kind": "storage#notification",
  "selfLink": "https://www.googleapis.com/storage/v1/b/testfiles/notificationConfigs/28",
  "id": "28",
  "topic": "//pubsub.googleapis.com/projects/test-project/topics/testtopic",
  "etag": "28",
  "payload_format": "JSON_API_V1"
}
Also, we have provided the Cloud Storage Service account the Pub/Sub Publisher role.
Despite these settings, when we upload a file to the bucket 'testfiles', we do not see any JSON messages in the above mentioned topic/subscription (testtopic/testsubscription).
We tried to follow the documentation here
Please advise, if there is something we are missing.
The console (GCP console, console.cloud.google.com) was not displaying the Pub/Sub messages. However, when we connect to Pub/Sub topic's subscription through a listener code, it was able to receive the JSON messages without any issues.

Mobile verification codes sent by AWS Cognito through SNS getting "The delivery TTL has expired"

EDIT: I am sending these messages to numbers in India between 9am to 9pm. Number being in DND registry is probably not an issue because messages do get delivered sometimes.
I am using AWS Cognito for user authentication on my application. Cognito has been set up on ap-south-1 (Mumbai) region which uses AWS SNS to send text messages through ap-southeast-1 (Singapore) region. I have the service limit increased to $10 for Singapore region, so this is not an issue. Majority of my transactional text messages are failing to get delivered. After enabling logs, I am getting these errors:
{
  "notification": {
    "messageId": "b85b0b1b-fdab-5d76-8361-53e9ba35c023",
    "timestamp": "2021-04-15 13:53:34.019"
  },
  "delivery": {
    "phoneCarrier": "NAME OF CARRIER (CHANGED)",
    "mnc": 66,
    "numberOfMessageParts": 1,
    "destination": "+91XXXXXXXXXX",
    "priceInUSD": 0.02171,
    "smsType": "Transactional",
    "mcc": 404,
    "providerResponse": "The delivery TTL has expired",
    "dwellTimeMs": 149,
    "dwellTimeMsUntilDeviceAck": 6310648
  },
  "status": "FAILURE"
}
Some of them do get delivered but it's quite rare. Cognito manages SMS on its own and there's no way for me to set any TTL. Technical support is not covered under the basic plan, so I can't get support from Amazon without paying :/

AWS Cognito SMS delivery success in logs but not received by the user?

I have created an application where I am adding users from an AWS Lambda function to Cognito and also mapping the users to a group.
I didn't get any error while creating users on AWS Cognito.
I have configured AWS Cognito to send an SMS when a new user is created.
The SMS is not received by some numbers, but in the logs it's marked as delivered.
Please have a look at the log below, which confirms that the message is received by the user, but it's not really delivered.
Cognito Region: US WEST(Oregon)
{
  "notification": {
    "messageId": "8e7158eb-64dd-53f6-82aa-xxxxxxxxxxxx", // I have replaced original id characters by x
    "timestamp": "2019-06-04 16:18:29.681"
  },
  "delivery": {
    "phoneCarrier": "AT&T",
    "mnc": 180,
    "destination": "+1310600xxxx", // I have replaced last 4 digit with x here to show code.
    "priceInUSD": 0.00645,
    "smsType": "Transactional",
    "mcc": 311,
    "providerResponse": "Message has been accepted by phone",
    "dwellTimeMs": 381,
    "dwellTimeMsUntilDeviceAck": 890698
  },
  "status": "SUCCESS"
}
AWS cognito MFA and Verifications:
AWS cognito Message Customizations:
Many reasons led me to believe that this "issue" seems like an issue only due to AWS's poor logging and response mechanism. The failure and reason should be indicated in the response.
After trying to isolate the issue I understood that applying a request for SNS spending limit increase should solve the issue.
You are right, there's no indication that limit exceeding is the true issue, though multiple posts in the subject are pointing to that solution.

Are there tools to view SQS queue status with only API keys?

I am working on Amazon SES with SQS to receive the bounce list of the email. For security reasons, I am only given the information that is necessary to connect to the SES and SQS service (host name, API keys, etc), so I am not able to use the AWS console to see the status of the queue. This is reasonable as I don't want to mess with many other services that are under the same account - especially when the services are not free. However, as the job is added to SQS by SES, I would need a way to see what's in SQS, so as to know if the bug is because the job is not inside SQS or simply because my code failed to retrieve the job.
So, are there tools with which I can view the SQS status when I don't have access to the AWS console?
Yes, you can use the AWS CLI (https://aws.amazon.com/cli/) to view basic information about the queue:
For example:
aws sqs get-queue-attributes --queue-url https://sqs.us-east-1.amazonaws.com/99999999/HBDService-BackgroundTaskQueue --attribute-names All
will show you this:
{
  "Attributes": {
    "LastModifiedTimestamp": "1522235654",
    "ApproximateNumberOfMessages": "7",
    "ReceiveMessageWaitTimeSeconds": "20",
    "CreatedTimestamp": "1522235629",
    "ApproximateNumberOfMessagesDelayed": "0",
    "QueueArn": "arn:aws:sqs:us-east-1:999999999:HBDService-BackgroundTaskQueue",
    "RedrivePolicy": "{\"deadLetterTargetArn\":\"arn:aws:sqs:us-east-1:999999999:HBDService-BackgroundTaskQueue-DLQ\",\"maxReceiveCount\":100}",
    "MaximumMessageSize": "262144",
    "DelaySeconds": "0",
    "ApproximateNumberOfMessagesNotVisible": "0",
    "MessageRetentionPeriod": "1209600",
    "VisibilityTimeout": "180"
  }
}

Sending SNS notifications when there is an IAM Change

I set an SNS notification to send me an email whenever there is a change regarding the IAM policies. When a change occurs, CloudTrail sends a Log to CloudWatch which triggers an alarm attached to an SNS topic. More details in this link.
Here is an example of what I get by mail:
Alarm Details:
- Name: PolicyAlarm
- Description: This alarm is to monitor IAM Changes
- State Change: INSUFFICIENT_DATA -> ALARM
- Reason for State Change: Threshold Crossed: 1 datapoint [1.0 (31/08/17 09:15:00)] was greater than or equal to the threshold (1.0).
- Timestamp: Thursday 31 August, 2017 09:20:39 UTC
- AWS Account: 00011100000
Threshold:
- The alarm is in the ALARM state when the metric is GreaterThanOrEqualToThreshold 1.0 for 300 seconds.
The only relevant information here is the AWS Account ID. Is there a way to also include the change? Who made it, when and where? Or maybe send a little information from the CloudWatch log, like the "eventName"?
There are two ways to trigger notifications from AWS CloudTrail:
1. Configure Amazon CloudWatch Logs to look for specific strings. When found, it increments a metric. Then, create an alarm that triggers when the metric exceeds a particular value over a particular period of time. When the notification is sent, only information about the alarm is sent. OR...
2. Create a rule in Amazon CloudWatch Events to look for the event. Set an Amazon SNS topic as the target. When the notification is sent, full details of the event are passed through.
You should use #2, since it provides full details of the event.
Here's what I did to test:
- Created an Amazon SQS queue in us-east-1 (where all IAM events take place)
- Created an Amazon CloudWatch Events rule in us-east-1 with:
  - Service Name: IAM
  - Event Type: AWS API Call via CloudTrail
  - Specific Operations: PutUserPolicy
- Edited an IAM policy
Within a short time, the event appeared in SQS:
Here's the relevant bits of the policy that came through:
{
  "detail-type": "AWS API Call via CloudTrail",
  "source": "aws.iam",
  "region": "us-east-1",
  "detail": {
    "eventSource": "iam.amazonaws.com",
    "eventName": "PutUserPolicy",
    "awsRegion": "us-east-1",
    "requestParameters": {
      "policyDocument": "{\n \"Version\": \"2012-10-17\",\n ... }",
      "policyName": "my-policy",
      "userName": "my-user"
    },
    "eventType": "AwsApiCall"
  }
}
I sent the message to SQS, but you could also send it to SNS to then forward via email.
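
The rule from the answer written as an event pattern, plus a formatter that turns the delivered event into the "who, when, where" e-mail the question asks for. This is an added example, not code from the answer: the sample event is constructed, `userIdentity`, `eventTime` and `sourceIPAddress` are standard CloudTrail record fields that the excerpt above does not show, and running `summarize` in a function between the rule and the SNS topic is an assumed arrangement.

```python
# Pattern for the rule described above (service IAM, "AWS API Call via CloudTrail",
# operation PutUserPolicy), written as a CloudWatch Events event pattern.
EVENT_PATTERN = {
    "source": ["aws.iam"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {"eventSource": ["iam.amazonaws.com"], "eventName": ["PutUserPolicy"]},
}

# Constructed sample event; account ID, user, time and IP address are made up.
SAMPLE_EVENT = {
    "detail-type": "AWS API Call via CloudTrail",
    "source": "aws.iam",
    "region": "us-east-1",
    "detail": {
        "eventSource": "iam.amazonaws.com",
        "eventName": "PutUserPolicy",
        "eventTime": "2017-08-31T09:15:00Z",
        "awsRegion": "us-east-1",
        "sourceIPAddress": "203.0.113.10",
        "userIdentity": {"arn": "arn:aws:iam::111122223333:user/alice"},
        "requestParameters": {"policyDocument": "{...}", "policyName": "my-policy",
                              "userName": "my-user"},
    },
}

def matches(pattern, event):
    """Exact-value subset of pattern matching: lists hold allowed values, dicts nest."""
    for key, want in pattern.items():
        have = event.get(key)
        if isinstance(want, dict):
            if not isinstance(have, dict) or not matches(want, have):
                return False
        elif have not in want:
            return False
    return True

def summarize(event):
    """Build an e-mail subject and body answering who, when, where and what."""
    d = event["detail"]
    who = (d.get("userIdentity") or {}).get("arn", "unknown principal")
    params = d.get("requestParameters") or {}
    # The policy document is left out of the summary; it stays in the raw event.
    target = ", ".join(f"{k}={v}" for k, v in sorted(params.items()) if k != "policyDocument")
    subject = f"IAM change: {d.get('eventName')} by {who}"
    body = (f"When:   {d.get('eventTime', 'unknown')}\n"
            f"Where:  {d.get('awsRegion', 'unknown')} from {d.get('sourceIPAddress', 'unknown')}\n"
            f"Target: {target or 'n/a'}")
    return subject[:99], body  # SNS subjects must be shorter than 100 characters
```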