Filter policy constraints in Amazon SNS - Amazon Simple Notification Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Filter policy constraints in Amazon SNS

When you create a filter policy, keep the following constraints in mind.

Common policy constraints

  • String Matching – For string matching in the filter policy, the comparison is case-sensitive.

  • Numeric Matching – For numeric matching, the value can range from -109 to 109 (-1 billion to 1 billion), with five digits of accuracy after the decimal point.

  • Filter Policy Complexity – For the complexity of the filter policy, the total combination of values must not exceed 150. To calculate the total combination, multiply the number of values in each array in the filter policy.

Consider the following example policy:

{ "key_a": ["value_one", "value_two", "value_three"], "key_b": ["value_one"], "key_c": ["value_one", "value_two"] }

The first array has three values, the second has one value, and the third has two values. The total combination is calculated as follows:

3 x 1 x 2 = 6
  • The JSON of the filter policy can contain the following:

    • Strings enclosed in quotation marks

    • Numbers

    • The keywords true, false, and null, without quotation marks

  • When using the Amazon SNS API, you must pass the JSON of the filter policy as a valid UTF-8 string.

  • The maximum size of a filter policy is 256 KB.

  • By default, you can have up to 200 filter policies per topic, and 10,000 filter policies per Amazon account.

    This policy limit would not stop Amazon SQS queue subscriptions from being created with the Subscribe API. However, it will fail when you attach the filter policy in the Subscribe API call (or the SetSubscriptionAttributes API call).

    To increase this quota, you can use Amazon Service Quotas.

Policy constraints for attribute-based filtering

  • Attribute-based filtering is the default option. FilterPolicyScope is set to MessageAttributes in the subscription.

  • Amazon SNS doesn't accept a nested filter policy for attribute-based filtering.

  • Amazon SNS compares policy properties only to message attributes that have the following data types:

    • String

    • String.Array

      Important

      Passing objects in arrays is not recommended because it may yield unexpected results due to the nesting, which is not supported by attribute-based filtering. Use payload-based filtering for nested policies.

    • Number

  • Amazon SNS ignores message attributes with the Binary data type.

  • A filter policy can have a maximum of five attribute names.

Policy constraints for payload-based filtering

  • Amazon SNS accepts a nested filter policy for payload-based filtering. To calculate the total combination of values in the filter policy, multiply the number of values in each nested array.

    Consider the following example policy:

{ "key_a": { "key_b": { "key_c": ["value_one", "value_two", "value_three", "value_four"] } }, "key_d": { "key_e": ["value_one", "value_two", "value_three"] } }
  • The first array has four values in a three-level nested key, and the second has three values in a two-level nested key. The total combination is calculated as follows:

4 x 3 x 3 x 2 = 72
  • A filter policy can have a maximum of five attribute names. For a nested policy, only parent keys are counted.

  • To switch from attribute-based (default) to payload-based filtering, you must set the FilterPolicyScope to MessageBody in the subscription.