Contact UsGet started
© 2025 Direct Cursus Technology L.L.C.

Getting started with Yandex Cloud Notification Service using AWS CLI

Written by
Updated at May 7, 2025

Note

The service is at the preview stage.

To get started with the AWS CLI:

  1. Get your cloud ready.
  2. Get a static access key.
  3. Configure the AWS CLI.
  4. Create a notification channel.
  5. Get a list of channels.
  6. Create an endpoint.
  7. Send a notification.

Get your cloud ready

Sign up in Yandex Cloud and create a billing account:

  1. Navigate to the management console and log in to Yandex Cloud or register a new account.
  2. On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the ACTIVE or TRIAL_ACTIVE status. If you do not have a billing account, create one and link a cloud to it.

If you have an active billing account, you can navigate to the cloud page to create or select a folder for your infrastructure to operate in.

Learn more about clouds and folders.

Get a static access key

For authentication in Cloud Notification Service, use a static access key. The key is issued for the service account, and all actions are performed on behalf of that service account.

To get a static access key:

  1. Create a service account.

  2. Assign the editor role for the folder to the service account.

  3. Create a static access key for the service account.

    Save the ID and secret key.

Configure the AWS CLI

The AWS CLI is a command line interface designed for AWS services. The Cloud Notification Service HTTP API is compatible with the Amazon SNS API. To learn how to run commands, see the official Amazon documentation.

To configure the AWS CLI:

  1. Install the AWS CLI.

  2. Enter the command to configure the AWS CLI:

    aws configure

  3. Enter the values for these parameters:

    • AWS Access Key ID: Static key ID

    • AWS Secret Access Key: Secret key

    • Default region name: ru-central1

      Note

      To work with Cloud Notification Service, always specify the ru-central1. A different region value may lead to an authorization error.

  4. Leave the other parameters unchanged.

  5. Set the Cloud Notification Service endpoint:

    aws configure set endpoint_url https://notifications.yandexcloud.net/

    To check the endpoint value in the settings, use this command:

    aws configure get endpoint_url

    By using configure set and configure get, you can manage settings in the ~/.aws/config configuration file. You can also configure parameters via environment variables.

    Warning

    Since there are multiple ways to set an endpoint, each of these ways has a defined priority. Environment variables override configuration file settings.

    To prevent conflicts, use echo $AWS_ENDPOINT_URL to check the environment variable and aws configure get endpoint_url to verify the configuration file parameter.

    Also, make sure there are no conflicts between the configuration (the ~/.aws/credentials file) and the AWS_DEFAULT_REGION, AWS_ACCESS_KEY_ID, and AWS_SECRET_ACCESS_KEY environment variables.

Sample configuration files

  • ~/.aws/config:

    [default]
region = ru-central1
endpoint_url = https://notifications.yandexcloud.net/

  • ~/.aws/credentials:

    [default]
aws_access_key_id = <static_key_ID>
aws_secret_access_key = <secret_key>

For more information about setting up the AWS CLI, see the AWS documentation.

Create a notification channel

To create a notification channel, run this command:

aws sns create-platform-application \
  --name <channel_name> \
  --platform <platform_type> \
  --attributes <parameter1>=<value1>, ... <parameterN>=<valueN>

Where:

  • --name: Notification channel name, user-defined.

    The name must be unique throughout CNS. Once the channel is created, you will not be able to change the name. The name may contain lowercase and uppercase Latin letters, numbers, underscores, hyphens, and periods. It must be from 1 to 256 characters long. For APNs channels, we recommend specifying the bundle ID in the name; for FCM and HMS, the full package name; for RuStore, packageName.

  • --platform: Mobile platform type:

    • APNS and APNS_SANDBOX: Apple Push Notification service (APNs). Use APNS_SANDBOX to test the application.
    • GCM: Firebase Cloud Messaging (FCM).
    • HMS: Huawei Mobile Services (HMS).
    • RUSTORE: RuStore Android.

  • --attributes: Mobile platform authentication parameters in <parameter>=<value> format, comma-separated. The values depend on the platform:

    • APNs:

      • Token-based authentication:

        • PlatformPrincipal: Path to the signature key file from Apple.
        • PlatformCredential: Key ID.
        • ApplePlatformTeamID: Team ID.
        • ApplePlatformBundleID: Bundle ID.

      • Certificate-based authentication:

        • PlatformPrincipal: SSL certificate in .pem format.

        • PlatformCredential: Certificate private key in .pem format.

          To save the certificate and the private key in individual .pem files, use the openssl Linux utility:

          openssl pkcs12 -in Certificates.p12 -nokeys -nodes -out certificate.pem
openssl pkcs12 -in Certificates.p12 -nocerts -nodes -out privatekey.pem

      Token-based authentication is preferred as a more modern option.

    • FCM: PlatformCredential is the Google Cloud service account key in JSON format for authentication with the HTTP v1 API or API key (server key) for authentication with the legacy API.

      We recommend escaping the file contents using the jq @json <<< cat private_key.json command, as the AWS CLI accepts this parameter in string format.

      The HTTP v1 API is preferred as FCM will no longer support the legacy API starting from June 2024.

    • HMS:

      • PlatformPrincipal: Key ID.
      • PlatformCredential: API key.

    • RuStore:

      • PlatformPrincipal: Project ID (ProjectID).
      • PlatformCredential: Service token (ServiceToken).

As a result, you will get a notification channel ID (ARN). Save it for future use.

For more information about the aws sns create-platform-application command, see the AWS documentation.

Get a list of notification channels

aws sns list-platform-applications

You will get the list of notification channels located in the same folder as the service account.

For more information about the aws sns list-platform-applications command, see the AWS documentation.

Create an endpoint

To create a mobile endpoint, run the following command:

aws sns create-platform-endpoint \
  --platform-application-arn <notification_channel_ARN> \
  --token <push_token>

Where:

  • --platform-application-arn: Notification channel ID (ARN).
  • --token: Unique push token for the application on the user’s device.

As a result, you will get a mobile endpoint ID (ARN). Save it for future use.

For more information about the aws sns create-platform-endpoint command, see the AWS documentation.

Send a notification

Explicit notifications (Bright Push)

aws sns publish \
  --target-arn "<endpoint_ARN>" \
  --message-structure json \
  --message '{"default": "<notification_text>", "APNS": "{ \"aps\": { \"alert\": \"<notification_text>\"} }" }'

aws sns publish \
  --target-arn "<endpoint_ARN>" \
  --message-structure json \
  --message '{"default": "<notification_text>", "GCM": "{ \"notification\": { \"body\": \"<notification_text>\"} }" }'

Where:

  • --target-arn: Mobile endpoint ID (ARN)
  • --message-structure: Message format
  • --message: Message

Silent notifications (Silent Push)

aws sns publish \
  --target-arn <endpoint_ARN> \
  --message-structure json \
  --message '{"data": { "key": "value" } }'

Where:

  • --target-arn: Mobile endpoint ID (ARN)
  • --message-structure: Message format
  • --message: Message

For more information about the aws sns publish command, see the AWS documentation.

See also

Previous
All tools
Next
AWS SDK for C++