CloudWatch is commonly used for log processing and monitoring of your AWS resources, but it also has powerful tools for automation from within your account. We’ll show how to set up and work with CloudWatch Events.

What Is CloudWatch Events?

CloudWatch Events is an AWS service that maps cause to effect for actions happening in your account. It can route API events, such as an EC2 instance stopping or an object being uploaded to an S3 bucket, and send them to other services like Lambda functions or messaging queues.

Using simple rules, you can match events based on the service they came from. Events are JSON objects, sent to CloudWatch due to actions happening in your account. For example, an event for terminating an EC2 instance might look like the following:

You can listen for these events, and send them to other services called targets. These can be Lambda functions built to handle this payload, an SNS topic, an SQS queue, or other actions like ECS tasks and CodePipeline. With the ability to route to Lambda, you can program any functionality you’d like, making this a very useful feature for account automation.

For example, if you wanted to run an ECS task, like photo or video processing, whenever an object is uploaded to an S3 bucket, you can achieve this with CloudWatch Events quite easily. Simply set the event source to match PutObject operations, and send the event over to an ECS task for processing.

Plenty of other AWS tools use CloudWatch Events as well, so you might already have some rules set up. CodePipeline, for example, uses a CloudWatch event to monitor the source repository for changes and trigger the CI/CD pipeline in response.

Events don’t need to be triggered from an action in your account. Alternatively, you can set the event to run at a fixed time interval, essentially acting as the cron of AWS. You can use this to schedule Lambda functions to run automatically.

Setting Up an Event Rule

From the CloudWatch Console, click on “Rules” in the sidebar and create a new rule.

Unless you want this rule to run on a fixed schedule, set the Event Source to “Event Pattern.” You can choose a service name here to filter for different event types.

For S3, you can choose “Object Level Operations,” and select a specific operation type, like PutObject. You can also choose a specific bucket (or buckets) by name.

On the right, you can select the target. It defaults to “Lambda Function”; you’ll just need to select a function built to handle the event.

For Lambda, the event is passed in as the event variable. You can use this to access details about the PutObject operation, such as a reference to the object, which you can use to retrieve it.

If you’re just testing out CloudWatch Events, you can use a function like the following to simply log the event passed to it. You’ll find the Lambda function’s logs under the “Monitoring” tab for the function.
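
An added example, not code from the original article: a Python Lambda handler that logs the incoming event, then extracts the bucket and key from an S3 PutObject event only after checking that the event is the kind the rule was meant to deliver. The sample event, account ID, bucket name and allow-list are constructed for illustration; the field names follow the CloudTrail-based format used for S3 object-level events.

```python
import json
import logging

logger = logging.getLogger()
logger.setLevel(logging.INFO)

# Constructed sample: shape of an S3 PutObject event delivered via CloudTrail.
SAMPLE_EVENT = {
    "version": "0",
    "detail-type": "AWS API Call via CloudTrail",
    "source": "aws.s3",
    "account": "123456789012",
    "region": "us-east-1",
    "detail": {
        "eventSource": "s3.amazonaws.com",
        "eventName": "PutObject",
        "requestParameters": {"bucketName": "example-upload-bucket",
                              "key": "photos/cat.jpg"},
    },
}

# Assumption: only uploads to these buckets should ever reach this function.
ALLOWED_BUCKETS = {"example-upload-bucket"}


def parse_put_object(event):
    """Return (bucket, key) for a successful, expected PutObject, else None."""
    detail = event.get("detail") or {}
    if event.get("source") != "aws.s3" or detail.get("eventName") != "PutObject":
        return None
    if detail.get("errorCode"):  # CloudTrail sets errorCode on failed calls
        return None
    params = detail.get("requestParameters") or {}
    bucket, key = params.get("bucketName"), params.get("key")
    if not key or bucket not in ALLOWED_BUCKETS:
        return None
    return bucket, key


def lambda_handler(event, context):
    # Log the raw event so it shows up in the function's CloudWatch logs.
    logger.info("Received event: %s", json.dumps(event))
    target = parse_put_object(event)
    if target is None:
        logger.warning("Ignoring event that is not an expected PutObject")
        return {"handled": False}
    bucket, key = target
    return {"handled": True, "bucket": bucket, "key": key}
```

S3 object-level API events only reach CloudWatch Events when a CloudTrail trail is logging data events for the bucket.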

You, of course, aren’t limited to Lambda functions. For more intense compute, you can route the event to an ECS task, which can use the full power of Fargate and EC2 to run containerized applications.

Other options are also available, usually to do with routing the event somewhere else, such as a Kinesis stream, SNS topic, or SQS queue.

Rules are manageable from the CloudWatch console, including a monitoring tab to show metrics for how often the rule is invoked.