Skip to main content

Documentation Index

Fetch the complete documentation index at: https://help.getvero.com/llms.txt

Use this file to discover all available pages before exploring further.

When configuring an Amazon SNS push channel in Vero, we recommend creating a dedicated IAM user with a minimal access policy rather than using your root AWS credentials.

Create a dedicated IAM user

Create a new user in your AWS IAM account specifically for Vero. This limits Vero’s access to only the SNS resources it needs. To create an IAM user, follow the AWS IAM user creation guide. During setup you’ll be asked to assign a policy — create a new one using the example below. Create a new policy (for example, named vero-sns-push) and attach it to the IAM user. The policy below grants the minimum permissions Vero requires:
  • Listing the SNS platform applications (so Vero can populate the provider dropdowns)
  • Creating and managing platform endpoints (device tokens)
  • Publishing messages to those endpoints
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowPublishingMessages",
      "Effect": "Allow",
      "Action": "sns:Publish",
      "Resource": [
        "arn:aws:sns:us-east-1:ACCOUNT_ID:app/GCM/YOUR_ENDPOINT_NAME",
        "arn:aws:sns:us-east-1:ACCOUNT_ID:app/APNS_SANDBOX/YOUR_ENDPOINT_NAME"
      ]
    },
    {
      "Sid": "AllowListingServicesAndManagingEndpoints",
      "Effect": "Allow",
      "Action": [
        "sns:ListPlatformApplications",
        "sns:CreatePlatformEndpoint",
        "sns:GetEndpointAttributes",
        "sns:DeleteEndpoint"
      ],
      "Resource": "*"
    }
  ]
}
Replace ACCOUNT_ID with your AWS account ID and YOUR_ENDPOINT_NAME with the name of your SNS platform application.

Need Help?

If you have any questions, reach out to us at support@getvero.com.