AWSGlossary

Kinesis Data Streams: What It Is and When to Use It

Definition

Amazon Kinesis Data Streams is a serverless, highly scalable, and durable real-time data streaming service. It is designed to continuously capture gigabytes of data per second from hundreds of thousands of sources such as application logs, website clickstreams, IoT telemetry data, and social media feeds.

How It Works

Kinesis Data Streams ingests and processes large streams of data records in real-time. The architecture consists of several key components:

  • Producers: Applications that send data records to a Kinesis data stream. Producers can be anything from web servers, mobile clients, or IoT devices using the AWS SDK, Kinesis Producer Library (KPL), or Kinesis Agent.
  • Data Stream: A set of shards that acts as the backbone for real-time data processing. Data is stored in the stream for a configurable retention period.
  • Shards: The base unit of throughput in a stream. Each shard provides a fixed capacity of 1 MB/second and 1,000 records/second for data ingestion (writes) and 2 MB/second for data consumption (reads). The total capacity of a stream is the sum of the capacities of its shards.
  • Data Records: The unit of data stored in a stream, consisting of a sequence number, a partition key, and a data blob (up to 1 MB).
  • Partition Key: A string used to group and route data records to specific shards within a stream. Kinesis Data Streams uses an MD5 hash function on the partition key to determine which shard a given data record belongs to, ensuring that all records with the same partition key go to the same shard.
  • Consumers: Applications that read and process data records from a stream. Consumers can be AWS Lambda functions, Amazon Kinesis Data Analytics applications, Amazon Kinesis Data Firehose delivery streams, or custom applications built using the Kinesis Client Library (KCL) running on Amazon EC2 instances.

Consumers can read data using two different models:

  • Standard (Shared Throughput): All consumers share the shard's 2 MB/second read capacity. This is suitable for a small number of consuming applications.
  • Enhanced Fan-Out (Dedicated Throughput): Each registered consumer gets its own dedicated read throughput of up to 2 MB/second per shard. This model uses a push-based mechanism over HTTP/2, reducing latency to around 70 milliseconds and is ideal for low-latency applications or when multiple consumers need to read the same stream independently.

Key Features and Limits

  • Capacity Modes: Kinesis Data Streams offers two capacity modes:
    • Provisioned Mode: You manually specify and manage the number of shards for your stream.
    • On-Demand Mode: Kinesis automatically manages the shards to provide the necessary throughput, scaling based on observed traffic. This mode is ideal for workloads with unpredictable traffic patterns.
  • Data Retention: Data records are stored by default for 24 hours, but this can be extended up to 365 days.
  • Scalability & Throughput: A stream's throughput is determined by its number of shards. In provisioned mode, default shard limits have been increased to 20,000 shards per account in major regions like US East (N. Virginia), allowing for massive scale. On-demand streams can scale up to 10 GB/s write and 20 GB/s read throughput.
  • Durability and Availability: Data is synchronously replicated across three Availability Zones (AZs) within an AWS Region.
  • Security: Supports encryption in transit via TLS and encryption at rest using AWS Key Management Service (KMS). It can also be accessed privately from a Virtual Private Cloud (VPC) using VPC endpoints.
  • Record Size: The maximum size of a data payload (before Base64-encoding) is 1 MB.
  • Consumers: A stream can have up to 20 registered consumers using Enhanced Fan-Out in provisioned mode, and up to 50 in On-demand Advantage mode.

Common Use Cases

  • Real-time Analytics: Ingest and process large volumes of log and event data in real-time to power live dashboards and generate metrics.
  • Log and Event Data Collection: Aggregate logs from servers, applications, and mobile devices for centralized processing, analysis, and archiving.
  • IoT Data Ingestion: Collect and process high-volume, high-frequency data streams from thousands or millions of IoT devices for real-time monitoring and response.
  • Website Clickstream Analysis: Capture user interaction data from websites and mobile apps to analyze user behavior, personalize experiences, and optimize engagement.
  • Real-time Fraud Detection: Analyze financial transactions or user activity streams in real-time to identify and respond to fraudulent patterns immediately.

Pricing Model

Amazon Kinesis Data Streams uses a pay-as-you-go model with no upfront costs. The pricing structure depends on the chosen capacity mode:

  • Provisioned Mode: You are billed primarily based on:
    • Shard Hour: An hourly rate for each shard in your stream.
    • PUT Payload Unit: A per-GB charge for data ingested, measured in 25 KB units.
  • On-Demand Mode: This mode simplifies pricing by charging for:
    • Data Ingested: A per-GB charge for all data written to your streams.
    • Data Retrieved: A per-GB charge for data read from your streams.
    • Per-Stream Hour: An hourly charge for each active on-demand stream.

Additional charges may apply for optional features like Extended/Long-Term Data Retention and Enhanced Fan-Out (billed per consumer-shard hour and per GB of data retrieved). Standard AWS data transfer costs apply for data moved between regions. For detailed estimates, use the AWS Pricing Calculator.

Pros and Cons

Pros:

  • Fully Managed: As a serverless offering, it eliminates the need to manage servers or infrastructure.
  • Highly Scalable: Can scale to handle massive throughput, from megabytes to terabytes per hour.
  • Real-Time Processing: Data is available to consumers in milliseconds, enabling low-latency use cases.
  • Durable and Ordered: Guarantees record ordering within a partition key and replicates data across multiple AZs for high durability.
  • Ecosystem Integration: Tightly integrated with other AWS services like Lambda, S3, and Amazon Managed Service for Apache Flink, simplifying the creation of complete streaming applications.

Cons:

  • Shard Management Complexity: In provisioned mode, users must manually manage shard counts to balance cost and performance, which can be complex for variable workloads.
  • Potential for Hot Shards: An uneven data distribution, caused by a poorly chosen partition key, can lead to a "hot shard" where one shard is overwhelmed with traffic while others are underutilized, causing throttling.
  • Cost at Scale: While flexible, the pricing for high-throughput workloads, especially with Enhanced Fan-Out, can become significant and requires careful monitoring.

Comparison with Alternatives

  • Amazon SQS (Simple Queue Service): SQS is a message queue used for decoupling microservices and distributed systems. Kinesis is a real-time data stream for ordered, replayable processing by multiple consumers. Choose SQS for task queues and decoupling applications; choose Kinesis for real-time analytics, log aggregation, and processing ordered event streams.
  • Amazon MSK (Managed Streaming for Apache Kafka): MSK is a managed service for open-source Apache Kafka. Kinesis is a simpler, fully managed, proprietary AWS service. Choose Kinesis for ease of use and tight AWS integration. Choose MSK if you need the specific features of the Kafka ecosystem, have existing Kafka expertise, or require more control and configuration options.
  • Amazon EventBridge: EventBridge is a serverless event bus that simplifies building event-driven architectures by routing events from various sources (including AWS services and SaaS applications) to targets. Kinesis is designed for ingesting and processing high-volume, raw data streams. Use EventBridge for routing and filtering discrete events based on their content; use Kinesis for processing continuous, large-scale streams of data.

Exam Relevance

Kinesis Data Streams is a key topic on several AWS certification exams, particularly:

  • AWS Certified Solutions Architect – Associate & Professional: Questions often focus on architectural patterns, comparing Kinesis with SQS, and designing scalable data ingestion pipelines.
  • AWS Certified Developer – Associate: Focuses on producer and consumer implementation details, using the AWS SDK, KPL, and KCL.
  • AWS Certified Data Analytics – Specialty: This exam covers Kinesis in depth, including capacity planning, shard management, partition key strategies, consumer design (standard vs. enhanced fan-out), security, and integration with other analytics services.

Examinees should understand the core concepts of shards, partition keys, and how to scale a stream, as well as the trade-offs between Kinesis, SQS, and MSK.

Frequently Asked Questions

Q: What is the difference between Kinesis Data Streams and SQS?

A: Kinesis Data Streams is designed for real-time processing of ordered, streaming data that can be read by multiple consumers and replayed. Amazon SQS is a message queue service used to decouple application components, where a message is typically processed by a single consumer and then deleted from the queue.

Q: How do I choose the right number of shards for my stream?

A: In provisioned mode, the number of shards depends on your required throughput. Calculate your needed write throughput (in MB/sec and records/sec) and read throughput (in MB/sec). Each shard provides 1 MB/s write and 2 MB/s read capacity. Provision enough shards to meet the higher of your calculated write or read needs. Alternatively, you can use the On-Demand capacity mode, which automatically manages sharding for you based on your workload.

Q: What is a "hot shard" and how can I avoid it?

A: A hot shard occurs when a disproportionate amount of data is sent to a single shard, exceeding its capacity limits and causing throttling, even if the stream's overall capacity is sufficient. This is usually caused by a poor partition key strategy where one key is used much more frequently than others. To avoid this, use a partition key with high cardinality (many unique values) that distributes records evenly across all shards, such as a UUID or a composite key.

This article reflects AWS features and pricing as of 2026. AWS services evolve rapidly — always verify against the official AWS documentation before making production decisions.

Published: 6/4/2026 / Updated: 6/5/2026

This article is for informational purposes only. AWS services, pricing, and features change frequently — always verify details against the official AWS documentation before making production decisions.

More in Analytics

Amazon Managed Grafana: Visualize Data Easily

Amazon Managed Grafana is a fully managed data visualization service. Query, correlate, and visualize metrics, logs, and traces from multiple sources. Learn when to use it.

Amazon CloudSearch: How It Works & When to Use It

Amazon CloudSearch is a fully managed search service. Learn about its features, use cases, and why AWS recommends OpenSearch Service for new customers.

Kinesis vs SQS: How It Works & When to Use It

Amazon Kinesis Data Streams and SQS are AWS managed services for messages. Kinesis is for real-time streaming analytics, SQS for message queuing. Learn when to choose it.

OpenSearch vs Elasticsearch: How It Works & When to Use It

OpenSearch and Elasticsearch are open-source search engines for real-time data. Compare features, use cases, and licensing to choose the right one.

AWS Data Pipeline: How It Works & When to Use It

AWS Data Pipeline is a web service that helps you reliably process and move data between different AWS compute and storage services. Learn about its use cases and migration options.

View all Analytics terms →