A collection of configuration templates for Amazon EventBridge, as well as security controls for monitoring and protecting Amazon EventBridge configuration, such as Config Rules, CloudWatch Alarms, EventBridge Rules, IAM policies, and more.
This template creates an ApiDestination connection to Slack. It includes an IAM role, an EventBridge event bus, and a connection to the Slack API using an API key stored in Secrets Manager, and sets the HttpMethod to POST with an InvocationEndpoint provided as a parameter.
This template creates an AWS::Events::EventBusPolicy resource that grants permission to one AWS account with an account ID of 111122223333. The policy allows the account to perform the events:PutEvents action on the default event bus in the us-east-1 region.
This template creates an AWS::Events::EventBusPolicy resource that denies permission to multiple principals and actions. The policy denies the specified principals (arn:aws:iam::111122223333:user/alice and arn:aws:iam::111122223333:user/bob) from performing the events:PutEvents and events:PutRule actions on the default event bus in the us-east-1 region.
This template creates an AWS::Events::EventBus resource named MyCustomEventBus and an AWS::Events::EventBusPolicy resource that grants permission to all AWS accounts in the organization with an organization ID of o-1234567890. The policy allows the accounts to perform the events:PutEvents action on the custom event bus and applies the aws:PrincipalOrgID condition to restrict access to the specified organization ID.
This template creates a partner event bus named `aws.partner.repo1` with the properties `EventSourceName` set to `aws.partner/PartnerName/acct1/repo1` and `Name` set to `aws.partner.repo1`.
This template creates an AWS Events Connection resource with ApiKey authorization. It creates a connection named pagerduty-connection and uses an ApiKey from Secrets Manager for authorization.
This CloudFormation template creates an Amazon Events Connection with OAuth authorization using Auth0. It retrieves the Auth0 ClientId and ClientSecret from a secret stored in AWS Secrets Manager.
This template creates an AWS Events Archive resource named 'MyArchive' that is used to store all EC2 events. The archive retains events for 10 days and is associated with the default event bus. The archive is configured to capture events from the 'aws.ec2' source.
This template creates an ApiDestination connection to PagerDuty. It includes a connection to the PagerDuty API using an API key, and sets the HttpMethod to POST with an InvocationEndpoint of 'https://events.pagerduty.com/v2/enqueue'.
This CloudFormation template creates an event rule that routes events from a specific source and detail to an event bus in the us-east-1 region. It also creates an IAM role with the necessary permissions for event routing.
This template creates an AWS Events Rule that sends all EC2 events to an SQS queue. The rule includes a dead-letter queue and retry policy settings for the target.
This template creates an AWS Events Rule that invokes a specified Lambda function every 10 minutes. The rule is configured with a schedule expression and is enabled to trigger the Lambda function.
This template creates an AWS Events Rule that invokes a specified Lambda function when any EC2 instance's state changes to stopping. The rule is configured with an event pattern that filters for EC2 instance state-change notifications and a target that specifies the Lambda function to invoke.
This template creates an AWS Events Rule that notifies an Amazon Simple Notification Service (SNS) topic if an AWS CloudTrail log entry contains a call by the root user. The rule is configured with an event pattern that filters for CloudTrail log entries with a specific detail type and detail, and a target that specifies the SNS topic to notify.
A CloudWatch Event Rule that triggers on changes in the status of AWS Trusted Advisor checks and forwards the events to an SNS topic.
A CloudWatch Event Rule that triggers on changes in the status of AWS Personal Health Dashboard (AWS Health) and forwards the events to an SNS topic.
A CloudWatch Event Rule that detects changes to AWS Config Rule compliance status and publishes change events to an SNS topic for notification.
A CloudWatch Event Rule that triggers on Amazon GuardDuty findings and publishes findings to an SNS topic. The Event Rule can be used to trigger notifications or remediative actions using AWS Lambda.
A CloudWatch Event Rule that triggers on Amazon Inspector findings and publishes findings to an SNS topic. The Event Rule can be used to trigger notifications or remediative actions using AWS Lambda.
A CloudWatch Event Rule that triggers on AWS Security Hub findings. The Event Rule can be used to trigger notifications or remediative actions using AWS Lambda.
A CloudWatch Event Rule that triggers on Amazon Macie findings. The Event Rule can be used to trigger notifications or remediative actions using AWS Lambda.
Detects changes to security groups and publishes change events to an SNS topic for notification.
Detects changes to EC2 Instances and publishes change events to an SNS topic for notification.
Detects changes to network ACLs and publishes change events to an SNS topic for notification.
Detects changes to network configuration and publishes change events to an SNS topic for notification.
A CloudWatch Event Rule that detects IAM policy changes and publishes change events to an SNS topic for notification. Events include IAM policy creation/deletion/update operations as well as attaching/detaching policies from IAM users, roles or groups.
A CloudWatch Event Rule that detects changes to IAM users and groups and publishes change events to an SNS topic for notification. Events include IAM user creation/deletion/update operations, updating IAM user passwords or Access Keys, as well as attaching/detaching policies from IAM users or groups.
A CloudWatch Event Rule that detects changes to IAM MFA devices (Virtual and Hardware) and publishes change events to an SNS topic for notification. Events include enabling/disabling/updating MFA virtual and hardware devices in an AWS account.
Detects changes to CloudTrail configuration and publishes change events to an SNS topic for notification.
Detects changes to S3 bucket policies and publishes change events to an SNS topic for notification.
Detects changes to AWS Config and publishes change events to an SNS topic for notification.
A CloudWatch Event Rule that detects KMS Customer Master Key (CMK) changes and publishes change events to an SNS topic for notification.
A CloudWatch Event Rule that triggers on AWS KMS Customer Master Key (CMK) deletion events.
A CloudWatch Event Rule that triggers on AWS KMS Customer Master Key (CMK) rotation events.
A CloudWatch Event Rule that triggers on AWS KMS Customer Master Key (CMK) imported material expiration events.
A CloudWatch Event Rule that triggers on IAM Access Analyzer Findings. The Event Rule can be used to trigger notifications or remediative actions using AWS Lambda.
A CloudWatch Event Rule that triggers when each ECR vulnerability image scan is completed. The Event Rule can be used to trigger notifications or remediative actions using AWS Lambda.
A CloudWatch Event Rule that sends a notification of the approaching expiration of an ACM certificate and forwards the events to an SNS topic.
A CloudWatch Event Rule that detects changes to AWS Organizations and publishes change events to an SNS topic for notification.
This template creates an Event Schema Discoverer resource. The Discoverer is used to generate schemas for events on the default event bus. The Discoverer is configured with the source ARN and a description.
This template creates a Schema Registry with the name 'aws.states' and a description that contains the schemas of events emitted by AWS Step Functions.
This template creates an AWS Event Schemas registry policy. It specifies the registry name, policy version, and a statement that allows a specific AWS user to perform actions on the registry. The statement includes the effect, principal, actions, and resources.
This template creates an AWS Event Schema with the specified properties. The schema is used to define the structure of events emitted by a state machine execution. The schema is defined using OpenAPI 3.0 and includes a component schema for the StepFunctionsExecutionStatusChange event.
This template creates a Pipe with an Amazon SQS source, an API Gateway enrichment, and a Step Functions state machine target. The Pipe uses the specified IAM role for execution. The source is an SQS queue, the enrichment is an API Gateway endpoint, and the target is a Step Functions state machine.
This template provisions a DynamoDB table and associated data stream as the pipe source, and an Amazon SQS queue as the pipe target. It also provisions an IAM execution role for the pipe with the necessary permissions. The pipe connects the DynamoDB stream source to the SQS queue target. The pipe includes an event filter with an event pattern that selects events where the 'eventName' is 'INSERT' or 'MODIFY'.