Amazon EventBridge¶

Amazon EventBridge (formerly called CloudWatch Events) invokes your function asynchronously with an event document that wraps the event from its source.

Request¶

Example CloudWatch Event¶

CloudWatch Events Event Examples From Supported Services

EventBridge event example¶

EventBridge (CloudWatch Events) event example

{
   "version":"0",
   "id":"fe8d3c65-xmpl-c5c3-2c87-81584709a377",
   "detail-type":"RDS DB Instance Event",
   "source":"aws.rds",
   "account":"123456789012",
   "time":"2020-04-28T07:20:20Z",
   "region":"us-east-2",
   "resources":[
      "arn:aws:rds:us-east-2:123456789012:db:rdz6xmpliljlb1"
   ],
   "detail":{
      "EventCategories":[
         "backup"
      ],
      "SourceType":"DB_INSTANCE",
      "SourceArn":"arn:aws:rds:us-east-2:123456789012:db:rdz6xmpliljlb1",
      "Date":"2020-04-28T07:20:20.112Z",
      "Message":"Finished DB Instance backup",
      "SourceIdentifier":"rdz6xmpliljlb1"
   }
}

EventBridge scheduled event¶

EventBridge (CloudWatch Events) message event

{
   "version":"0",
   "account":"123456789012",
   "region":"us-east-2",
   "detail":{},
   "detail-type":"Scheduled Event",
   "source":"aws.events",
   "time":"2019-03-01T01:23:45Z",
   "id":"cdc73f9d-aea9-11e3-9d5a-835b769c0d9c",
   "resources":[
      "arn:aws:events:us-east-2:123456789012:rule/my-schedule"
   ]
}

EventBridge S3 event¶

EventBridge S3 event

{
   "version":"0",
   "id":"2d4eba74-fd51-3966-4bfa-b013c9da8ff1",
   "detail-type":"Object Created",
   "source":"aws.s3",
   "account":"123456789012",
   "time":"2021-11-13T00:00:59Z",
   "region":"us-east-1",
   "resources":[
      "arn:aws:s3:::jbarr-public"
   ],
   "detail":{
      "version":"0",
      "bucket":{
         "name":"jbarr-public"
      },
      "object":{
         "key":"eb_create_rule_mid_1.png",
         "size":99797,
         "etag":"7a72374e1238761aca7778318b363232",
         "version-id":"a7diKodKIlW3mHIvhGvVphz5N_ZcL3RG",
         "sequencer":"00618F003B7286F496"
      },
      "request-id":"4Z2S00BKW2P1AQK8",
      "requester":"348414629041",
      "source-ip-address":"72.21.198.68",
      "reason":"PutObject"
   }
}

EC2 Instance State-change Event¶

EventBridge (CloudWatch Events) invokes your Lambda function asynchronously with the event document from Amazon EC2.

Using AWS Lambda with Amazon EC2

Amazon EC2 State Change Events

{
    "version": "0",
    "id": "b6ba298a-7732-2226-xmpl-976312c1a050",
    "detail-type": "EC2 Instance State-change Notification",
    "source": "aws.ec2",
    "account": "123456798012",
    "time": "2019-10-02T17:59:30Z",
    "region": "us-east-2",
    "resources": [
        "arn:aws:ec2:us-east-2:123456798012:instance/i-0c314xmplcd5b8173"
    ],
    "detail": {
        "instance-id": "i-0c314xmplcd5b8173",
        "state": "running"
    }
}

CodeCommit Repository State Change¶

Merging changes

{
   "version": "0",
   "id": "01234567-EXAMPLE",
   "detail-type": "CodeCommit Repository State Change",
   "source": "aws.codecommit",
   "account": "123456789012",
   "time": "2019-06-12T10:23:43Z",
   "region": "us-east-2",
   "resources": [
     "arn:aws:codecommit:us-east-2:123456789012:MyDemoRepo"
   ],
   "detail": {
     "event": "referenceUpdated",
     "repositoryName": "MyDemoRepo",
     "repositoryId": "12345678-1234-5678-abcd-12345678abcd",
     "referenceType": "branch",
     "referenceName": "myBranch",
     "referenceFullName": "refs/heads/myBranch",
     "commitId": "7f0103fMERGE",
     "oldCommitId": "3e5983DESTINATION",
     "baseCommitId": "3e5a9bf1BASE",
     "sourceCommitId": "26a8f2SOURCE",
     "destinationCommitId": "3e5983DESTINATION",
     "mergeOption": "THREE_WAY_MERGE",
     "conflictDetailsLevel": "LINE_LEVEL",
     "conflictResolutionStrategy": "AUTOMERGE"
   }
}

Getting the correlation id¶

JSON path to correlation id: id

Generating sample events¶

sam local generate-event cloudwatch scheduled-event

Response¶

N/A

Resources¶

Typing and data classes

Typescript - EventBridgeEvent - NPM @types/aws-lambda
Python - EventBridgeEvent - Pip aws-lambda-powertools
Go - CloudWatchEvent
DotNet - CloudWatchEvent - NuGet Amazon.Lambda.CloudWatchEvents
Php - EventBridgeEvent - Composer bref/bref
Rust - cloud_events - aws_lambda_events

Handlers with infrastructure provisioning

Ruby - CloudWatch Rules Event - gem jets
Python - Chalice on_cw_event - pip chalice

Code Examples¶

DotNet has a large number of handlers for CloudWatch Events.

DotNet ECSTaskStateChangeEvent example

public class Function
{
    public string Handler(ECSTaskStateChangeEvent ecsTaskStateChangeEvent)
    {
        Console.WriteLine($"ECS Task ARN - {ecsTaskStateChangeEvent.Detail.TaskArn}");
    }
}

Jet - CloudWatch Rules Events allows you to define the infracture code next to the implementation

Ruby example might be getting notified when an unwanted security group port gets opened.

class SecurityJob < ApplicationJob
  rule_event(
    description: "Checks for security group changes",
    detail_type: ["AWS API Call via CloudTrail"],
    detail: {
      event_source: ["ec2.amazonaws.com"],
      event_name: [
        "AuthorizeSecurityGroupIngress",
        "AuthorizeSecurityGroupEgress",
        "RevokeSecurityGroupIngress",
        "RevokeSecurityGroupEgress",
        "CreateSecurityGroup",
        "DeleteSecurityGroup"
      ]
    }
  )
  def detect_security_group_changes
    puts "event: #{JSON.dump(event)}" # event is available
    # your logic
  end
end

Chalice can also to the infrastructure provisioning along set the Lambda handler

Example using Chalice to subscribe to code commit events

app = chalice.Chalice(app_name='foo')

@app.on_cw_event({"source": ["aws.codecommit"]})
def on_code_commit_changes(event):
    print(event.to_dict())

Chalice scheduling ab hourly Cloudwatch event

app = chalice.Chalice(app_name='foo')

@app.schedule('rate(1 hour)')
def every_hour(event):
    print(event.to_dict())