Skip to content

AWS SNS Notification Delivery Failed Fix

DodaTech Updated 2026-06-24 2 min read

In this tutorial, you'll learn about AWS SNS Notification Delivery Failed Fix. We cover key concepts, practical examples, and best practices to help you understand and apply this topic effectively.

Your SNS topic shows DeliveryFailed in CloudWatch metrics or logs — the notification could not be delivered to the subscribed endpoint due to configuration errors, network issues, or endpoint unavailability.

Step-by-Step Fix

1. Check subscription status

aws sns list-subscriptions-by-topic --topic-arn arn:aws:sns:us-east-1:123456789012:my-topic

Expected output:

{
    "Subscriptions": [
        {
            "SubscriptionArn": "arn:aws:sns:us-east-1:123456789012:my-topic:sub-abc",
            "Protocol": "email",
            "Endpoint": "user"@example".com",
            "SubscriptionArn": "arn:aws:sns:us-east-1:123456789012:my-topic:sub-abc]
        }
    ]
}

A subscription with PendingConfirmation is not yet active.

2. Confirm the subscription

# For email subscriptions, click the confirmation link in the email
# For HTTP/HTTPS, confirm programmatically
aws sns confirm-subscription \
  --topic-arn arn:aws:sns:us-east-1:123456789012:my-topic \
  --token "confirmation-token-from-header"

3. Configure a dead-letter queue

# Create a DLQ for failed deliveries
aws sqs create-queue --queue-name my-topic-dlq

# Set the DLQ on the subscription
aws sns set-subscription-attributes \
  --subscription-arn arn:aws:sns:us-east-1:123456789012:my-topic:sub-abc \
  --attribute-name RedrivePolicy \
  --attribute-value '{"deadLetterTargetArn":"arn:aws:sqs:us-east-1:123456789012:my-topic-dlq"}'

4. Set delivery retry policy

# Configure HTTP/HTTPS delivery retry policy
aws sns set-subscription-attributes \
  --subscription-arn arn:aws:sns:us-east-1:123456789012:my-topic:sub-abc \
  --attribute-name DeliveryPolicy \
  --attribute-value '{
    "healthyRetryPolicy": {
      "minDelayTarget": 1,
      "maxDelayTarget": 20,
      "numRetries": 3,
      "numNoDelayRetries": 0,
      "numMinDelayRetries": 0,
      "numMaxDelayRetries": 0,
      "backoffFunction": "linear"
    },
    "throttlePolicy": {
      "maxReceivesPerSecond": 10
    }
  }'

5. Check IAM permissions for SQS delivery

// Attach this policy to the SQS queue for SNS write access
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "sns.amazonaws.com]
            },
            "Action": "sqs:SendMessage",
            "Resource": "arn:aws:sqs:us-east-1:123456789012:my-queue",
            "Condition": {
                "ArnEquals": {
                    "aws:SourceArn": "arn:aws:sns:us-east-1:123456789012:my-topic"
                }
            }
        }
    ]
}

6. Monitor delivery status with CloudWatch

aws cloudwatch get-metric-statistics \
  --namespace AWS/SNS \
  --metric-name NumberOfNotificationsDelivered \
  --dimensions Name=TopicName,Value=my-topic \
  --start-time 2024-01-01T00:00:00Z \
  --end-time 2024-01-15T00:00:00Z \
  --period 3600 \
  --statistics Sum

Prevention

  • Always confirm email subscriptions by clicking the confirmation link.
  • Configure dead-letter queues for all production SNS subscriptions.
  • Set appropriate retry policies for HTTP/HTTPS endpoints.
  • Monitor SNS delivery metrics with CloudWatch alarms.
  • Use message filtering to reduce unnecessary deliveries.

Common Mistakes with sns delivery

  1. Using head and tail instead of pattern matching, causing runtime errors on empty lists
  2. Forgetting that lazy evaluation defers computation until the value is forced, causing space leaks with unevaluated thunks
  3. Using return to exit a function early instead of wrapping a pure value in the monad

These mistakes appear frequently in real-world AWS code. DodaTech's contributors have identified these patterns through analysis of open-source projects and production systems.

Practice Exercise

Write a pure function that safely divides two integers using Maybe, then test it with edge cases like division by zero and negative numbers.

This exercise reinforces the concepts covered in this guide. Try implementing it before checking online solutions.

FAQ

Why is my HTTP subscription showing "PendingConfirmation"?

HTTP/HTTPS subscriptions require you to respond to the subscription confirmation request sent to your endpoint. Your endpoint must return 200 OK with the SubscribeURL token. |||What happens when SNS cannot deliver a message? SNS retries based on the delivery policy (default: 3 retries). After exhausting retries, the message is discarded unless a dead-letter queue is configured. |||Can I see why a specific message failed to deliver? Enable CloudWatch logs for SNS delivery status. Check the Delivery.log file in CloudWatch for detailed failure reasons like endpoint timeout, invalid response, or throttling.

Built by the developers of DodaTech

Doda Browser, DodaZIP & Durga Antivirus Pro