Maybe this is not supported by AWS, however, when creating a certification on Apple Developer Console I chose "Apple Push Notification service SSL (Sandbox & Production)". I used this certification to set up an SNS. If I check the "Used for development in sandbox" checkbox, the notifications will work when compiling the app via XCODE but not via testflight, if I use this certification and I uncheck this checkbox the notifications will work from testflight but from XCODE.
I was under the impression that this new type of certification can be used in development and production, so I'm little bit confused. It seems like AWS knows if my app is compiled for development or production.
Is there a way to set up one SNS for development and production on iOS?
I just went through this today with my AWS team. (I'm an iOS developer so forgive me if I don't use the correct AWS terminology. Hopefully it's close enough.)
The new certificate CAN be used for both Sandbox and Production. However, an AWS SNS endpoint (ARN?) has to be created for each one. As you stated if you check the "Used for development in sandbox" checkbox it will start working when running from Xcode, but it won't work for the TestFlight app. It's either/or, not both.
To get this working, you need to create two SNS endpoints. You can use the same "Apple Push Notification service SSL (Sandbox & Production)" APNS certificate for both endpoints, but only check the "Used for development in sandbox" in one of them.
I don't know if this applies to your situation, but for my app our AWS team added a "development" flag to our device registration API so they can differentiate on their end whether to send the notification to the APNS or APNS_SANDBOX endpoint.