Getting started with Yandex Cloud Notification Service using AWS CLI
Note
The service is at the preview stage.
To get started with the AWS CLI:
- Get your cloud ready.
- Get a static access key.
- Configure the AWS CLI.
- Create a notification channel.
- Get a list of channels.
- Create an endpoint.
- Send a notification.
Get your cloud ready
Sign up for Yandex Cloud and create a billing account:
- Go to the management console
and log in to Yandex Cloud or create an account if you do not have one yet. - On the Yandex Cloud Billing
page, make sure you have a billing account linked and it has theACTIVE
orTRIAL_ACTIVE
status. If you do not have a billing account, create one.
If you have an active billing account, you can go to the cloud page
Learn more about clouds and folders.
Get a static access key
For authentication in Cloud Notification Service, use a static access key. The key is issued for the service account, and all actions are performed on behalf of that service account.
To get a static access key:
-
Create a service account.
-
Assign the
editor
role for the folder to the service account. -
Create a static access key for the service account.
Save the ID and secret key.
Configure the AWS CLI
The AWS CLI
To configure the AWS CLI:
-
Install
the AWS CLI. -
Enter the command to configure the AWS CLI:
aws configure
-
Enter the values for these parameters:
-
AWS Access Key ID
: Static key ID -
AWS Secret Access Key
: Secret key -
Default region name
:ru-central1
Note
To work with Cloud Notification Service, always specify the
ru-central1
. A different region value may lead to an authorization error.
-
-
Leave the other parameters unchanged.
-
Set the Cloud Notification Service endpoint:
aws configure set endpoint_url https://notifications.yandexcloud.net/
To check the endpoint value in the settings, use this command:
aws configure get endpoint_url
By using
configure set
andconfigure get
, you can manage settings in the~/.aws/config
configuration file. You can also configure parameters via environment variables .Warning
Since there are multiple ways to set an endpoint, each of these ways has a defined priority
. Environment variables override configuration file settings.To prevent conflicts, use
echo $AWS_ENDPOINT_URL
to check the environment variable andaws configure get endpoint_url
to verify the configuration file parameter.Also, make sure there are no conflicts between the configuration (the
~/.aws/credentials
file) and theAWS_DEFAULT_REGION
,AWS_ACCESS_KEY_ID
, andAWS_SECRET_ACCESS_KEY
environment variables.
Sample configuration files
-
~/.aws/config
:[default] region = ru-central1 endpoint_url = https://notifications.yandexcloud.net/
-
~/.aws/credentials
:[default] aws_access_key_id = <static_key_ID> aws_secret_access_key = <secret_key>
For more information about setting up the AWS CLI, see the AWS documentation
Create a notification channel
To create a notification channel, run this command:
aws sns create-platform-application \
--name <channel_name> \
--platform <platform_type> \
--attributes <parameter1>=<value1>, ... <parameterN>=<valueN>
Where:
-
--name
: Notification channel name, user-defined.The name must be unique throughout CNS. Once the channel is created, you will not be able to change the name. The name may contain lowercase and uppercase Latin letters, numbers, underscores, hyphens, and periods. It must be from 1 to 256 characters long. For APNs channels, we recommend specifying the bundle ID in the name; for FCM and HMS, the full package name; for RuStore,
packageName
. -
--platform
: Mobile platform type:APNS
andAPNS_SANDBOX
: Apple Push Notification service (APNs). UseAPNS_SANDBOX
to test the application.GCM
: Firebase Cloud Messaging (FCM).HMS
: Huawei Mobile Services (HMS).RUSTORE
: RuStore Android.
-
--attributes
: Mobile platform authentication parameters in<parameter>=<value>
format, comma-separated. The values depend on the platform:-
APNs:
-
Token-based authentication:
PlatformPrincipal
: Path to the signature key file from Apple.PlatformCredential
: Key ID.ApplePlatformTeamID
: Team ID.ApplePlatformBundleID
: Bundle ID.
-
Certificate-based authentication:
-
PlatformPrincipal
: SSL certificate in.pem
format. -
PlatformCredential
: Certificate private key in.pem
format.To save the certificate and the private key in individual
.pem
files, use the openssl Linux utility:openssl pkcs12 -in Certificates.p12 -nokeys -nodes -out certificate.pem openssl pkcs12 -in Certificates.p12 -nocerts -nodes -out privatekey.pem
-
Token-based authentication is preferred as a more modern option.
-
-
FCM:
PlatformCredential
is the Google Cloud service account key in JSON format for authentication with the HTTP v1 API or API key (server key) for authentication with the legacy API.We recommend escaping the file contents using the
jq @json <<< cat private_key.json
command, as the AWS CLI accepts this parameter in string format.The HTTP v1 API is preferred as FCM will no longer support
the legacy API starting from June 2024. -
HMS:
PlatformPrincipal
: Key ID.PlatformCredential
: API key.
-
RuStore:
PlatformPrincipal
: Project ID (ProjectID).PlatformCredential
: Service token (ServiceToken).
-
As a result, you will get a notification channel ID (ARN). Save it for future use.
For more information about the aws sns create-platform-application
command, see the AWS documentation
Get a list of notification channels
aws sns list-platform-applications
You will get the list of notification channels located in the same folder as the service account.
For more information about the aws sns list-platform-applications
command, see the AWS documentation
Create an endpoint
To create a mobile endpoint, run the following command:
aws sns create-platform-endpoint \
--platform-application-arn <notification_channel_ARN> \
--token <push_token>
Where:
--platform-application-arn
: Notification channel ID (ARN).--token
: Unique push token for the application on the user’s device.
As a result, you will get a mobile endpoint ID (ARN). Save it for future use.
For more information about the aws sns create-platform-endpoint
command, see the AWS documentation
Send a notification
Explicit notifications (Bright Push)
aws sns publish \
--target-arn "<endpoint_ARN>" \
--message-structure json \
--message '{"default": "<notification_text>", "APNS": "{ \"aps\": { \"alert\": \"<notification_text>\"} }" }'
aws sns publish \
--target-arn "<endpoint_ARN>" \
--message-structure json \
--message '{"default": "<notification_text>", "GCM": "{ \"notification\": { \"body\": \"<notification_text>\"} }" }'
Where:
--target-arn
: Mobile endpoint ID (ARN)--message-structure
: Message format--message
: Message
Silent notifications (Silent Push)
aws sns publish \
--target-arn <endpoint_ARN> \
--message-structure json \
--message '{"data": { "key": "value" } }'
Where:
--target-arn
: Mobile endpoint ID (ARN)--message-structure
: Message format--message
: Message
For more information about the aws sns publish
command, see the AWS documentation