EventRule

Provides a CloudWatch Event Rule resource.

Example Usage

using Pulumi;
using Aws = Pulumi.Aws;

class MyStack : Stack
{
    public MyStack()
    {
        var console = new Aws.CloudWatch.EventRule("console", new Aws.CloudWatch.EventRuleArgs
        {
            Description = "Capture each AWS Console Sign In",
            EventPattern = @"{
  ""detail-type"": [
    ""AWS Console Sign In via CloudTrail""
  ]
}

",
        });
        var awsLogins = new Aws.Sns.Topic("awsLogins", new Aws.Sns.TopicArgs
        {
        });
        var sns = new Aws.CloudWatch.EventTarget("sns", new Aws.CloudWatch.EventTargetArgs
        {
            Arn = awsLogins.Arn,
            Rule = console.Name,
        });
        var snsTopicPolicy = awsLogins.Arn.Apply(arn => Aws.Iam.GetPolicyDocument.InvokeAsync(new Aws.Iam.GetPolicyDocumentArgs
        {
            Statements = 
            {
                new Aws.Iam.Inputs.GetPolicyDocumentStatementArgs
                {
                    Actions = 
                    {
                        "SNS:Publish",
                    },
                    Effect = "Allow",
                    Principals = 
                    {
                        new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalArgs
                        {
                            Identifiers = 
                            {
                                "events.amazonaws.com",
                            },
                            Type = "Service",
                        },
                    },
                    Resources = 
                    {
                        arn,
                    },
                },
            },
        }));
        var @default = new Aws.Sns.TopicPolicy("default", new Aws.Sns.TopicPolicyArgs
        {
            Arn = awsLogins.Arn,
            Policy = snsTopicPolicy.Apply(snsTopicPolicy => snsTopicPolicy.Json),
        });
    }

}

package main

import (
    "fmt"

    "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/cloudwatch"
    "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/iam"
    "github.com/pulumi/pulumi-aws/sdk/v2/go/aws/sns"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        console, err := cloudwatch.NewEventRule(ctx, "console", &cloudwatch.EventRuleArgs{
            Description:  pulumi.String("Capture each AWS Console Sign In"),
            EventPattern: pulumi.String(fmt.Sprintf("%v%v%v%v%v%v", "{\n", "  \"detail-type\": [\n", "    \"AWS Console Sign In via CloudTrail\"\n", "  ]\n", "}\n", "\n")),
        })
        if err != nil {
            return err
        }
        awsLogins, err := sns.NewTopic(ctx, "awsLogins", nil)
        if err != nil {
            return err
        }
        _, err = cloudwatch.NewEventTarget(ctx, "sns", &cloudwatch.EventTargetArgs{
            Arn:  awsLogins.Arn,
            Rule: console.Name,
        })
        if err != nil {
            return err
        }
        _, err = sns.NewTopicPolicy(ctx, "_default", &sns.TopicPolicyArgs{
            Arn: awsLogins.Arn,
            Policy: snsTopicPolicy.ApplyT(func(snsTopicPolicy iam.GetPolicyDocumentResult) (string, error) {
                return snsTopicPolicy.Json, nil
            }).(pulumi.StringOutput),
        })
        if err != nil {
            return err
        }
        return nil
    })
}

import pulumi
import pulumi_aws as aws

console = aws.cloudwatch.EventRule("console",
    description="Capture each AWS Console Sign In",
    event_pattern="""{
  "detail-type": [
    "AWS Console Sign In via CloudTrail"
  ]
}

""")
aws_logins = aws.sns.Topic("awsLogins")
sns = aws.cloudwatch.EventTarget("sns",
    arn=aws_logins.arn,
    rule=console.name)
sns_topic_policy = aws_logins.arn.apply(lambda arn: aws.iam.get_policy_document(statements=[{
    "actions": ["SNS:Publish"],
    "effect": "Allow",
    "principals": [{
        "identifiers": ["events.amazonaws.com"],
        "type": "Service",
    }],
    "resources": [arn],
}]))
default = aws.sns.TopicPolicy("default",
    arn=aws_logins.arn,
    policy=sns_topic_policy.json)

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const console = new aws.cloudwatch.EventRule("console", {
    description: "Capture each AWS Console Sign In",
    eventPattern: `{
  "detail-type": [
    "AWS Console Sign In via CloudTrail"
  ]
}
`,
});
const awsLogins = new aws.sns.Topic("aws_logins", {});
const sns = new aws.cloudwatch.EventTarget("sns", {
    arn: awsLogins.arn,
    rule: console.name,
});
const snsTopicPolicy = awsLogins.arn.apply(arn => aws.iam.getPolicyDocument({
    statements: [{
        actions: ["SNS:Publish"],
        effect: "Allow",
        principals: [{
            identifiers: ["events.amazonaws.com"],
            type: "Service",
        }],
        resources: [arn],
    }],
}, { async: true }));
const defaultTopicPolicy = new aws.sns.TopicPolicy("default", {
    arn: awsLogins.arn,
    policy: snsTopicPolicy.json,
});

Create a EventRule Resource

new EventRule(name: string, args?: EventRuleArgs, opts?: CustomResourceOptions);

def EventRule(resource_name, opts=None, description=None, event_pattern=None, is_enabled=None, name=None, name_prefix=None, role_arn=None, schedule_expression=None, tags=None, __props__=None);

func NewEventRule(ctx *Context, name string, args *EventRuleArgs, opts ...ResourceOption) (*EventRule, error)

public EventRule(string name, EventRuleArgs? args = null, CustomResourceOptions? opts = null)

name string: The unique name of the resource.
args EventRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
opts ResourceOptions: A bag of options that control this resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args EventRuleArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args EventRuleArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

EventRule Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The EventRule resource accepts the following input properties:

Description string: The description of the rule.
EventPattern string: Event pattern described a JSON object. See full documentation of CloudWatch Events and Event Patterns for details.
IsEnabled bool: Whether the rule should be enabled (defaults to true).
Name string: The rule’s name. By default generated by this provider.
NamePrefix string: The rule’s name. Conflicts with name.
RoleArn string: The Amazon Resource Name (ARN) associated with the role that is used for target invocation.
ScheduleExpression string: The scheduling expression. For example, cron(0 20 * * ? *) or rate(5 minutes).
Tags Dictionary<string, string>: A map of tags to assign to the resource.

Description string: The description of the rule.
EventPattern string: Event pattern described a JSON object. See full documentation of CloudWatch Events and Event Patterns for details.
IsEnabled bool: Whether the rule should be enabled (defaults to true).
Name string: The rule’s name. By default generated by this provider.
NamePrefix string: The rule’s name. Conflicts with name.
RoleArn string: The Amazon Resource Name (ARN) associated with the role that is used for target invocation.
ScheduleExpression string: The scheduling expression. For example, cron(0 20 * * ? *) or rate(5 minutes).
Tags map[string]string: A map of tags to assign to the resource.

description string: The description of the rule.
eventPattern string: Event pattern described a JSON object. See full documentation of CloudWatch Events and Event Patterns for details.
isEnabled boolean: Whether the rule should be enabled (defaults to true).
name string: The rule’s name. By default generated by this provider.
namePrefix string: The rule’s name. Conflicts with name.
roleArn string: The Amazon Resource Name (ARN) associated with the role that is used for target invocation.
scheduleExpression string: The scheduling expression. For example, cron(0 20 * * ? *) or rate(5 minutes).
tags {[key: string]: string}: A map of tags to assign to the resource.

description str: The description of the rule.
event_pattern str: Event pattern described a JSON object. See full documentation of CloudWatch Events and Event Patterns for details.
is_enabled bool: Whether the rule should be enabled (defaults to true).
name str: The rule’s name. By default generated by this provider.
name_prefix str: The rule’s name. Conflicts with name.
role_arn str: The Amazon Resource Name (ARN) associated with the role that is used for target invocation.
schedule_expression str: The scheduling expression. For example, cron(0 20 * * ? *) or rate(5 minutes).
tags Dict[str, str]: A map of tags to assign to the resource.

Outputs

All input properties are implicitly available as output properties. Additionally, the EventRule resource produces the following output properties:

Arn string: The Amazon Resource Name (ARN) of the rule.
Id string: The provider-assigned unique ID for this managed resource.

Arn string: The Amazon Resource Name (ARN) of the rule.
Id string: The provider-assigned unique ID for this managed resource.

arn string: The Amazon Resource Name (ARN) of the rule.
id string: The provider-assigned unique ID for this managed resource.

arn str: The Amazon Resource Name (ARN) of the rule.
id str: The provider-assigned unique ID for this managed resource.

Look up an Existing EventRule Resource

Get an existing EventRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: EventRuleState, opts?: CustomResourceOptions): EventRule

static get(resource_name, id, opts=None, arn=None, description=None, event_pattern=None, is_enabled=None, name=None, name_prefix=None, role_arn=None, schedule_expression=None, tags=None, __props__=None);

func GetEventRule(ctx *Context, name string, id IDInput, state *EventRuleState, opts ...ResourceOption) (*EventRule, error)

public static EventRule Get(string name, Input<string> id, EventRuleState? state, CustomResourceOptions? opts = null)

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Arn string: The Amazon Resource Name (ARN) of the rule.
Description string: The description of the rule.
EventPattern string: Event pattern described a JSON object. See full documentation of CloudWatch Events and Event Patterns for details.
IsEnabled bool: Whether the rule should be enabled (defaults to true).
Name string: The rule’s name. By default generated by this provider.
NamePrefix string: The rule’s name. Conflicts with name.
RoleArn string: The Amazon Resource Name (ARN) associated with the role that is used for target invocation.
ScheduleExpression string: The scheduling expression. For example, cron(0 20 * * ? *) or rate(5 minutes).
Tags Dictionary<string, string>: A map of tags to assign to the resource.

Arn string: The Amazon Resource Name (ARN) of the rule.
Description string: The description of the rule.
EventPattern string: Event pattern described a JSON object. See full documentation of CloudWatch Events and Event Patterns for details.
IsEnabled bool: Whether the rule should be enabled (defaults to true).
Name string: The rule’s name. By default generated by this provider.
NamePrefix string: The rule’s name. Conflicts with name.
RoleArn string: The Amazon Resource Name (ARN) associated with the role that is used for target invocation.
ScheduleExpression string: The scheduling expression. For example, cron(0 20 * * ? *) or rate(5 minutes).
Tags map[string]string: A map of tags to assign to the resource.

arn string: The Amazon Resource Name (ARN) of the rule.
description string: The description of the rule.
eventPattern string: Event pattern described a JSON object. See full documentation of CloudWatch Events and Event Patterns for details.
isEnabled boolean: Whether the rule should be enabled (defaults to true).
name string: The rule’s name. By default generated by this provider.
namePrefix string: The rule’s name. Conflicts with name.
roleArn string: The Amazon Resource Name (ARN) associated with the role that is used for target invocation.
scheduleExpression string: The scheduling expression. For example, cron(0 20 * * ? *) or rate(5 minutes).
tags {[key: string]: string}: A map of tags to assign to the resource.

arn str: The Amazon Resource Name (ARN) of the rule.
description str: The description of the rule.
event_pattern str: Event pattern described a JSON object. See full documentation of CloudWatch Events and Event Patterns for details.
is_enabled bool: Whether the rule should be enabled (defaults to true).
name str: The rule’s name. By default generated by this provider.
name_prefix str: The rule’s name. Conflicts with name.
role_arn str: The Amazon Resource Name (ARN) associated with the role that is used for target invocation.
schedule_expression str: The scheduling expression. For example, cron(0 20 * * ? *) or rate(5 minutes).
tags Dict[str, str]: A map of tags to assign to the resource.

Package Details

Repository: https://github.com/pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud