Amazon CloudWatch Events


Overview

Amazon CloudWatch Events provides a near-real-time stream of system events describing changes to AWS resources. You can match events and route them to one or more target functions or streams using simple rules that are easy to set up. CloudWatch Events detects changes as they happen, reacts to them, and takes corrective action as needed by delivering messages, triggering functions, making changes, and recording state information.

What are Amazon CloudWatch Events?

Amazon CloudWatch Events provides a near-real-time stream of system events describing changes to Amazon Web Services (AWS) resources. You may match events and route them to one or more destination functions or streams using basic rules that are easy to set up.

CloudWatch Events detects operational changes as they occur. CloudWatch Events reacts to operational changes and takes remedial action as needed by delivering messages, activating functions, making modifications, and recording state information.

  • You can create event rules that run an action when an event occurs. In an event rule, you specify those actions as targets. For example, similar to alarm actions, you can specify an SNS topic as the event target and have the event rule send a notification to that topic to alert you.

  • Many AWS services send an event to CloudWatch Events whenever their state changes or a particular event happens inside the service. For example, if an AWS CodeDeploy deployment fails, it sends an event to CloudWatch Events.

  • Custom events, like CloudWatch metrics, can be generated and sent to CloudWatch Events. You can then write a rule and use Lambda functions to do custom filtering. By connecting your apps to EventBridge, you can build event-driven architectures.

  • In addition to these, there is another kind of CloudWatch event: scheduled events. As the name suggests, scheduled CloudWatch events are triggered on a set schedule using cron expressions. For example, you can set up a scheduled event that runs every day and triggers AWS Lambda functions to perform some automation.

  • An app can send a custom event, and another app can respond to that event by doing something else. For example, whenever an order is placed, an online store app may send an event, which might in turn initiate the delivery process.

Features of CloudWatch Events

  • AWS EC2 Integration: When specific events occur, you can use Amazon CloudWatch Events to invoke AWS Systems Manager Run Command and perform operations on Amazon EC2 instances. Run Command can be configured to run shell scripts and configure every new instance launched in an EC2 Auto Scaling group.

  • AWS Lambda Functions: You can use AWS Lambda to log an event whenever an Auto Scaling group launches or terminates an EC2 instance, and whether the launch or termination succeeded.

  • Scheduling CloudWatch Events: A CloudWatch Events rule can run on a schedule. For example, you can create an automated snapshot of an existing Amazon EBS volume on a regular basis. You can specify a fixed rate to create a snapshot every few minutes, or use a cron expression to create the snapshot at a specific time of day.

  • Sending and Receiving Events Between AWS Accounts: You can configure your AWS account to send events to, or receive events from, other AWS accounts. This is useful if the accounts belong to the same organization or to organizations that are partners or have a close relationship. When you configure an account to send or receive events, you specify which AWS accounts can send events to, or receive events from, yours. You can also specify an organization and grant permission to every account in that organization by using AWS Organizations.

  • Tagging Your Amazon CloudWatch Events Resources: Tags help you identify and organize your AWS resources. Many AWS services support tagging, so you can assign the same tag to resources from different services to indicate that they are related. Tags also help you keep track of your AWS costs. These tags are enabled in the AWS Billing and Cost Management dashboard. AWS categorizes your costs using the tags and sends you a monthly cost allocation report.

CloudWatch Events Concepts

Before you start utilizing CloudWatch Events, you should be comfortable with the following concepts:

  • Events: An event indicates that something has changed in the AWS environment. AWS resources can generate events when their state changes. For example, Amazon EC2 generates an event whenever an EC2 instance's state changes from pending to running, and Amazon EC2 Auto Scaling generates events whenever it launches or terminates instances. AWS CloudTrail publishes events whenever you make API calls. You can create custom application-level events and publish them to CloudWatch Events. You can also configure scheduled events that are generated on a periodic basis.

  • Rules: A rule matches incoming events and routes them to targets for processing. A single rule can route to several targets, all of which are processed in parallel. Rules are not processed in any particular order. This allows different parts of an organization to look for and process the events that are relevant to them. A rule can customize the JSON sent to the target by passing only certain parts of it or by overwriting it with a constant.

  • Targets: A target processes events. Amazon EC2 instances, Lambda functions, Kinesis streams, ECS tasks, Step Functions state machines, SNS topics, SQS queues, and built-in targets are examples of targets. Events are delivered to a target in JSON format.

Getting Started

To add and remove CloudWatch Events rules, follow the steps in this subsection. These are generic processes that may be used for any event source or target.

Rules:

Creating a Rule That Triggers an Event

  1. Open the AWS CloudWatch console.
  2. Select Events and then Create rule from the navigation pane.
  3. For the Event Source, do the following:
    • Select Event Pattern, then build an event pattern to match events by service.
    • Under Service Name, select the service that produces the event that will trigger the rule.
    • Under Event Type, select the specific event that will trigger the rule. If AWS API Call via CloudTrail is the only option, the selected service does not emit events, and you can only base rules on API calls made to this service.
    • Depending on the service that sends the event, you may see options for Any... and Specific.... Choose Any... to have the rule trigger on any type of the selected event, or Specific... to choose one or more specific event types.
  4. In the Targets section, click Add Target and pick the AWS service that will be invoked whenever an event of the chosen type is detected.
  5. Fill in the other fields in this section with the information specific to this target type.
  6. For many target types, CloudWatch Events needs permissions to send events to the target. In these cases, CloudWatch Events can create the IAM role needed for your rule to run:
    • Select Create a new role for this specific resource to automatically create an IAM role.
    • Select Use existing role to use an IAM role that you have already created.
  7. Repeat steps 4-6 if you want to add another target to this rule.
  8. Select Configure details. Enter a name and description for the rule.
  9. Select Create rule.

Creating a Rule That Triggers on an AWS API Call Via CloudTrail

  1. Open the AWS CloudWatch console.
  2. Select Events and then Create rule from the navigation pane.
  3. For the Event Source, do the following:
    • Select Event Pattern, then build an event pattern to match events by service.
    • In the Service Name field, enter the name of the service that will be used as the trigger.
    • Select AWS API Call via CloudTrail as the Event Type.
    • Choose Any operation to have your rule triggered whenever any API operation for this service is called. To trigger your rule only when specific API operations are called, select Specific operation(s), type the name of an operation in the next box, and then press ENTER. Select + to add more operations.
  4. In the Targets section, click Add Target and pick the AWS service that will be invoked when an event of the chosen type is detected.
  5. Fill in any additional fields in this section with the information specific to this target type.
  6. For many target types, CloudWatch Events needs permissions to send events to the target. In these cases, CloudWatch Events can create the IAM role needed for your rule to run:
    • Select Create a new role for this specific resource to automatically create an IAM role.
    • Select Use existing role to use an IAM role that you have already created.
  7. Repeat steps 4-6 if you want to add another target to this rule.
  8. Select Configure details. Enter a name and description for the rule.
  9. Select Create rule.
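
The pattern that such a rule evaluates, and how it selects events, can be seen in the following added example (not part of the original page and not AWS code). It implements only exact-value matching; the service, the operation name and the sample events are assumptions constructed for illustration.

```python
# Added example: exact-value subset of CloudWatch Events pattern matching.
# Prefix, numeric and other content-filter operators are not modelled.

# Pattern of the kind built for "AWS API Call via CloudTrail" with one
# specific operation (service and operation chosen for illustration).
PATTERN = {
    "source": ["aws.ec2"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {
        "eventSource": ["ec2.amazonaws.com"],
        "eventName": ["AuthorizeSecurityGroupIngress"],
    },
}

def matches(pattern, event):
    """Every pattern key must be present in the event. A list holds the
    accepted values (OR); a dict descends into nested JSON. Event fields
    that the pattern does not name are ignored."""
    if not isinstance(event, dict):
        return False
    for key, expected in pattern.items():
        if key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            if not matches(expected, actual):
                return False
        else:
            # An array in the event matches if any element is accepted.
            values = actual if isinstance(actual, list) else [actual]
            if not any(v in expected for v in values):
                return False
    return True

def envelope(event_id, detail_type, detail):
    # Constructed sample envelope; account and region are placeholders.
    return {"version": "0", "id": event_id, "account": "111122223333",
            "region": "us-east-1", "source": "aws.ec2",
            "detail-type": detail_type, "detail": detail}

API_CALL = "AWS API Call via CloudTrail"
SAMPLE_EVENTS = [  # constructed, not captured from a real account
    envelope("evt-1", API_CALL, {"eventSource": "ec2.amazonaws.com",
                                 "eventName": "AuthorizeSecurityGroupIngress"}),
    envelope("evt-2", API_CALL, {"eventSource": "ec2.amazonaws.com",
                                 "eventName": "RunInstances"}),
    envelope("evt-3", "EC2 Instance State-change Notification",
             {"instance-id": "i-0123456789abcdef0", "state": "running"}),
]

def triggered_ids(pattern, events):
    """IDs of the events that would be routed to the rule's targets."""
    return [e["id"] for e in events if matches(pattern, e)]

if __name__ == "__main__":
    print(triggered_ids(PATTERN, SAMPLE_EVENTS))
```

Choosing Any operation in the console corresponds to leaving `eventName` out of the pattern, in which case both API-call events above would match.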

Creating a Rule That Triggers on a Schedule

  1. Go to https://console.aws.amazon.com/cloudwatch/ to access the CloudWatch console.
  2. Select Events and then Create rule from the navigation pane.
  3. Select Schedule as the event source.
  4. Select Fixed rate and state how frequently the task should run, or select Cron expression and give a cron expression defining when the task should be triggered.
  5. In the Targets section, choose Add Target and then pick the AWS service that will be invoked when an event of the chosen type is detected.
  6. Fill in any additional fields in this section with the information specific to this target type.
  7. For many target types, CloudWatch Events needs permissions to send events to the target. In these cases, CloudWatch Events can create the IAM role needed for your rule to run:
    • Select Create a new role for this specific resource to automatically create an IAM role.
    • Select Use existing role to use an IAM role that you have already created.
  8. Repeat steps 5-7 if you want to add another target to this rule.
  9. Select Configure details. Enter a name and description for the rule.
  10. Select Create rule.
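
The two schedule forms from step 4 have a stricter syntax than Unix cron. The following added example (not part of the original page and not AWS code) checks the structure of a schedule expression before it is used in a rule; it validates the shape of the expression only, not the value ranges of individual cron fields, and `check_schedule` is a hypothetical helper name.

```python
import re

# rate(<value> <unit>): the unit is singular for 1 and plural otherwise.
RATE_RE = re.compile(r"^rate\((\d+) (minute|minutes|hour|hours|day|days)\)$")
# cron(<minutes> <hours> <day-of-month> <month> <day-of-week> <year>)
CRON_RE = re.compile(r"^cron\((.+)\)$")

def check_schedule(expr):
    """Return (ok, reason) for a CloudWatch Events schedule expression."""
    m = RATE_RE.match(expr)
    if m:
        value, unit = int(m.group(1)), m.group(2)
        if value < 1:
            return False, "rate value must be a positive number"
        if (value == 1) == unit.endswith("s"):
            return False, "use a singular unit for 1 and a plural unit otherwise"
        return True, "fixed rate"
    m = CRON_RE.match(expr)
    if m:
        fields = m.group(1).split()
        if len(fields) != 6:
            # Unix cron has 5 fields; this format adds a trailing year field.
            return False, "cron needs 6 fields, including the year"
        day_of_month, day_of_week = fields[2], fields[4]
        if day_of_month != "?" and day_of_week != "?":
            return False, "one of day-of-month and day-of-week must be '?'"
        return True, "cron, evaluated in UTC"
    return False, "expected rate(<value> <unit>) or cron(<6 fields>)"

if __name__ == "__main__":
    for candidate in ("rate(5 minutes)", "rate(1 minutes)",
                      "cron(0 12 * * ? *)", "cron(0 12 * * *)"):
        print(candidate, "->", check_schedule(candidate))
```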

Deleting or Disabling a Rule

To remove or deactivate a CloudWatch Events rule, follow the steps below.

How to Remove or Deactivate a Rule:

  • Select Rules from the navigation pane.
  • Managed rules are identified by a box icon beside their names.
  • Do one of the following:
    • To delete a rule, select the button next to the rule, then choose Actions, Delete, Delete. If the rule is a managed rule, you must type its name to acknowledge that it is a managed rule and that deleting it may stop functionality in the service that created the rule. To continue, type the rule's name and select Force delete.
    • To temporarily disable a rule, select the button next to the rule, then choose Actions, Disable, Disable.

Restrictions

  • The targets associated with a rule must be located in the same Region as the rule. Some target types may not be available in all Regions.
  • Creating rules with built-in targets is supported only in the AWS Management Console.
  • If you create a rule with an encrypted Amazon SQS queue as a target, the KMS key policy must contain the following section. It allows the events to be delivered to the encrypted queue successfully.

CloudWatch Events can be used in combination with the following services:

  • AWS CloudTrail allows you to track calls to the CloudWatch Events API for your account, including calls made by the AWS Management Console, the AWS Command Line Interface, and other programs. CloudWatch Events publishes log files to the S3 bucket if CloudTrail logging is enabled. Based on the number of operations that are taken to fulfil a request, every log file includes more than one record.

  • AWS CloudFormation allows you to model and set up your AWS resources. You create a template that describes the AWS resources you need, and CloudFormation handles their provisioning and configuration. CloudWatch Events rules can be used in a CloudFormation template.

  • AWS Config allows you to record changes to the configuration of your AWS resources. This includes how resources relate to one another and how they were configured in the past, so you can see how configurations and relationships change over time. You can also use AWS Config rules to check whether the resources comply with your organization's policies.

  • AWS IAM enables you to securely control your users' access to AWS resources. IAM can be used to control who can use your AWS resources (authentication), what resources they can use, and how they can use them (authorization).

  • Amazon Kinesis Data Streams offers rapid, nearly continuous data intake and aggregation. The data used includes IT infrastructure log data, server logs, social networking sites, trade data feeds, and online click-stream data. Because the response time for data intake and processing is real time, processing is typically lightweight.

  • AWS Lambda allows you to build apps that respond quickly to new data. You upload the application's code as a Lambda function, which runs on high-availability compute infrastructure. Lambda handles all administration of the compute resources, including server and OS maintenance, capacity provisioning, automatic scaling, code and security patch deployment, and code debugging and monitoring.

Amazon CloudWatch Events vs Alarms

| No. | Amazon CloudWatch Events | Amazon CloudWatch Alarms |
|---|---|---|
| 1. | Amazon CloudWatch Events provides a near-real-time stream of system events describing changes to Amazon Web Services (AWS) resources. | A CloudWatch alarm can be set to monitor a single CloudWatch metric or the result of a math expression based on CloudWatch metrics. |
| 2. | A regular CloudWatch event is triggered as soon as it is created. A scheduled event is triggered at the specified time. When you create a rule that runs an action for such an event, that action is executed, just like an alarm action. | A CloudWatch alarm watches a metric over a set period and triggers if the metric rises above or falls below a threshold you specify. If you specified an action for the alarm, it is also carried out. |
| 3. | CloudWatch Events integrates with hundreds of AWS services as event rule targets. For example, you can trigger an AWS Lambda function, run a script on an Amazon EC2 instance, use an SSM Automation document to accomplish something else, and also use third-party apps as event targets. | A CloudWatch alarm, on the other hand, has a limited set of action types. You can publish to an SNS topic, perform EC2 actions such as stopping, terminating, rebooting, or recovering an EC2 instance, or manage an EC2 Auto Scaling group. |
| 4. | You can create event rules for CloudWatch alarm state transitions. Alarms send state-change notifications to CloudWatch Events. If you treat an alarm's trigger as an event, you can respond to it in near real time. Above all, these rules are extremely useful for automating your response when issues arise. | However, CloudWatch alarms can also be used as a proactive mechanism to prevent certain events from happening. The most typical use of CloudWatch alarms is scaling an EC2 Auto Scaling group. |
| 5. | CloudWatch Events enables you to trigger a variety of actions based on a predefined schedule or an event in your AWS account. For example, you might want to send an SNS message every time a user logs in to the AWS Management Console. | CloudWatch Alarms gathers common metrics from your instances, S3 buckets, and nearly all AWS services. You can define a threshold that causes an action to be taken. For example, if the number of objects in your S3 bucket exceeds 100, invoke a Lambda function to handle the objects. |
| 6. | You can match events and route them to one or more target functions or streams using simple rules that are easy to set up. CloudWatch Events detects operational changes as they happen. An Amazon EC2 action, an EC2 Auto Scaling action, or a notification sent to an Amazon SNS topic can be used as the action. | Depending on the value of a metric or expression relative to a threshold over several time periods, the alarm performs one or more actions. |

Conclusion

  • AWS CloudWatch Events enables you to trigger a variety of events based on a specific schedule or an event in your AWS account. For example, suppose you want to send an SNS notification every time a user logs into the AWS Console.
  • When an AWS CloudWatch Event is produced, it is triggered. If it is a scheduled event, it is activated at the specified time.
  • You can set up the AWS account to send or receive events from other AWS accounts. This is advantageous if the accounts are from the same organization or from companies that collaborate or have a tight relationship.
  • When it is created, a standard CloudWatch event is triggered. It is activated at the stated time when it is a scheduled event.