Resource: awsCloudwatchEventRule

Provides an EventBridge Rule resource.

Note: EventBridge was formerly known as CloudWatch Events. The functionality is identical.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsCloudwatchEventRuleConsole =
  new aws.cloudwatchEventRule.CloudwatchEventRule(this, "console", {
    description: "Capture each AWS Console Sign In",
    // eventPattern is a JSON string; build it from a plain object.
    eventPattern: JSON.stringify({
      "detail-type": ["AWS Console Sign In via CloudTrail"],
    }),
    name: "capture-aws-sign-in",
  });
const awsSnsTopicAwsLogins = new aws.snsTopic.SnsTopic(this, "aws_logins", {
  name: "aws-console-logins",
});
const dataAwsIamPolicyDocumentSnsTopicPolicy =
  new aws.dataAwsIamPolicyDocument.DataAwsIamPolicyDocument(
    this,
    "sns_topic_policy",
    {
      statement: [
        {
          actions: ["SNS:Publish"],
          effect: "Allow",
          principals: [
            {
              identifiers: ["events.amazonaws.com"],
              type: "Service",
            },
          ],
          resources: [awsSnsTopicAwsLogins.arn],
        },
      ],
    }
  );
new aws.cloudwatchEventTarget.CloudwatchEventTarget(this, "sns", {
  arn: awsSnsTopicAwsLogins.arn,
  rule: awsCloudwatchEventRuleConsole.name,
  targetId: "SendToSNS",
});
new aws.snsTopicPolicy.SnsTopicPolicy(this, "default", {
  arn: awsSnsTopicAwsLogins.arn,
  policy: dataAwsIamPolicyDocumentSnsTopicPolicy.json,
});

Argument Reference

The following arguments are supported:

  • name - (Optional) The name of the rule. If omitted, Terraform will assign a random, unique name. Conflicts with namePrefix.
  • namePrefix - (Optional) Creates a unique name beginning with the specified prefix. Conflicts with name.
  • scheduleExpression - (Optional) The scheduling expression. For example, cron(0 20 * * ? *) or rate(5 minutes). At least one of scheduleExpression or eventPattern is required. Can only be used on the default event bus. For more information, refer to the AWS documentation Schedule Expressions for Rules.
  • eventBusName - (Optional) The name or ARN of the event bus to associate with this rule. If you omit this, the default event bus is used.
  • eventPattern - (Optional) The event pattern described as a JSON object. At least one of scheduleExpression or eventPattern is required. See full documentation of Events and Event Patterns in EventBridge for details.
  • description - (Optional) The description of the rule.
  • roleArn - (Optional) The Amazon Resource Name (ARN) associated with the role that is used for target invocation.
  • isEnabled - (Optional) Whether the rule should be enabled (defaults to true).
  • tags - (Optional) A map of tags to assign to the resource. If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
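
To see what an eventPattern selects before deploying a rule, the added example below (not from the original page or the provider) models EventBridge's exact-value matching in TypeScript and runs the console sign-in pattern, plus a narrower failed-login variant, against constructed events. The matchesPattern helper, the failedSignIn pattern and the sample events are assumptions for illustration.

```typescript
// Simplified model of EventBridge exact-value matching; content filters are not modelled.
type Json = string | number | boolean | null | Json[] | { [key: string]: Json };
type Pattern = { [key: string]: Json[] | Pattern };

function isObject(v: Json | undefined): v is { [key: string]: Json } {
  return typeof v === "object" && v !== null && !Array.isArray(v);
}

// Every field named in the pattern must be present in the event and hold one
// of the listed values; event fields the pattern does not name are ignored.
function matchesPattern(pattern: Pattern, event: Json | undefined): boolean {
  if (!isObject(event)) return false;
  const fields = event; // keep the narrowed type inside the callback
  return Object.keys(pattern).every((key) => {
    const want = pattern[key];
    const got: Json | undefined = fields[key];
    if (!Array.isArray(want)) return matchesPattern(want, got); // nested: recurse
    if (got === undefined) return false;
    // Leaf: an array-valued event field matches if any element is listed.
    const candidates = Array.isArray(got) ? got : [got];
    return candidates.some((c) => want.indexOf(c) !== -1);
  });
}

// The pattern from the example above, and a narrower one for failed logins.
const anySignIn: Pattern = { "detail-type": ["AWS Console Sign In via CloudTrail"] };
const failedSignIn: Pattern = {
  "detail-type": ["AWS Console Sign In via CloudTrail"],
  detail: { responseElements: { ConsoleLogin: ["Failure"] } },
};

// Constructed sample events, trimmed to the fields the patterns inspect.
function signInEvent(result: string): Json {
  return {
    source: "aws.signin",
    "detail-type": "AWS Console Sign In via CloudTrail",
    detail: { eventName: "ConsoleLogin", responseElements: { ConsoleLogin: result } },
  };
}
const apiCallEvent: Json = { source: "aws.s3", "detail-type": "AWS API Call via CloudTrail" };

function demo(): boolean[] {
  return [
    matchesPattern(anySignIn, signInEvent("Success")),
    matchesPattern(anySignIn, apiCallEvent),
    matchesPattern(failedSignIn, signInEvent("Failure")),
    matchesPattern(failedSignIn, signInEvent("Success")),
  ];
}
console.log(demo());
```

Passing JSON.stringify(failedSignIn) as eventPattern would limit the SNS notifications to failed console logins.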

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • id - The name of the rule.
  • arn - The Amazon Resource Name (ARN) of the rule.
  • tagsAll - A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.

Import

EventBridge Rules can be imported using the eventBusName/ruleName (if you omit eventBusName, the default event bus will be used), e.g.,

$ terraform import aws_cloudwatch_event_rule.console example-event-bus/capture-console-sign-in