version: "0.2"
title: Create an EventBridge Rule and Target
description: This wizard will create a new EventBridge rule with target
plan:
intro:
shortname: Intro
description: Provide rule name and description
values:
rule_name:
type: prompt
description: Rule name
rule_description:
type: prompt
description: Rule description
decide_pattern:
shortname: Pattern
values:
pattern_type:
type: prompt
description: Select pattern type for invoking target
choices:
- display: Event Pattern
actual_value: event_pattern
- display: Schedule
actual_value: schedule
# Event pattern related prompts
event_pattern_input_type:
type: prompt
condition:
variable: pattern_type
equals: event_pattern
description: Select method to choose the event pattern
choices:
- display: Use pre-defined pattern by service
actual_value: predefined
- display: Use custom pattern
actual_value: custom
service_for_event_pattern:
condition:
- variable: pattern_type
equals: event_pattern
- variable: event_pattern_input_type
equals: predefined
type: prompt
description: Select a service to match events for
choices:
- display: AWS CodeBuild
actual_value: codebuild
- display: AWS CodeCommit
actual_value: codecommit
- display: Amazon DynamoDB
actual_value: dynamodb
- display: Amazon EC2
actual_value: ec2
- display: AWS Lambda
actual_value: lambda
- display: Amazon S3
actual_value: s3
details:
value: event_pattern_value
description: "Event pattern"
custom_event_pattern_filename:
condition:
- variable: pattern_type
equals: event_pattern
- variable: event_pattern_input_type
equals: custom
type: prompt
description: Enter the filename with the custom event pattern
completer: file_completer
custom_event_pattern:
type: load-data
load_type: json
value:
__wizard__:File:
path: "{custom_event_pattern_filename}"
custom_event_pattern_as_normalized_json:
type: dump-data
dump_type: json
value: "{custom_event_pattern}"
event_pattern_value:
type: template
value: |
{% if {event_pattern_input_type} == predefined %}{{"source": ["aws.{service_for_event_pattern}"]}}{% endif %}
{% if {event_pattern_input_type} == custom %}{custom_event_pattern_as_normalized_json}{% endif %}
# Schedule related prompts
schedule_type:
condition:
variable: pattern_type
equals: schedule
type: prompt
description: Select schedule type
choices:
- display: Fixed rate
actual_value: fixed
- display: Cron expression
actual_value: cron
cron_expression:
condition:
- variable: pattern_type
equals: schedule
- variable: schedule_type
equals: cron
type: prompt
description: Enter the cron expression
fixed_rate_value:
condition:
- variable: pattern_type
equals: schedule
- variable: schedule_type
equals: fixed
type: prompt
description: Once every
fixed_rate_unit:
condition:
- variable: pattern_type
equals: schedule
- variable: schedule_type
equals: fixed
type: prompt
description: Select unit of time
choices:
- display: Minutes
actual_value: minute
- display: Hours
actual_value: hour
- display: Days
actual_value: day
fixed_rate:
type: template
value: rate({fixed_rate_value} {fixed_rate_unit}{% if {fixed_rate_value} != 1 %}s{% endif %})
schedule_expression:
type: template
value: |
{% if {schedule_type} == cron %}cron({cron_expression}){% endif %}
{% if {schedule_type} == fixed %}{fixed_rate}{% endif %}
decide_target:
shortname: Target
description: Select a target for the rule
values:
target_type:
type: prompt
description: Select the target type
choices:
- display: CloudWatch Logs group
actual_value: logs_group
- display: CodeBuild project
actual_value: codebuild_project
- display: Lambda function
actual_value: lambda_function
- display: SNS topic
actual_value: sns_topic
# CloudWatch Logs target specific variables
logs_target:
condition:
variable: target_type
equals: logs_group
type: prompt
description: Select the CloudWatch Logs group
choices: existing_groups
existing_groups:
type: apicall
operation: logs.DescribeLogGroups
params: { }
query: "sort_by(logGroups[].{display: logGroupName, actual_value: arn}, &display)"
cache: true
paginate: true
logs_resource_policy:
condition:
variable: target_type
equals: logs_group
type: template
value: '{{"Version":"2012-10-17", "Statement":[{{"Sid":"TrustEventsToStoreLogEvent","Effect":"Allow","Principal":{{"Service":["delivery.logs.amazonaws.com","events.amazonaws.com"]}},"Action":["logs:CreateLogStream","logs:PutLogEvents"],"Resource":"{logs_target}:*"}}]}}'
# CodeBuild target specific variables
codebuild_target:
condition:
variable: target_type
equals: codebuild_project
type: prompt
description: Select the CodeBuild project
choices: existing_projects
existing_projects:
type: apicall
operation: codebuild.ListProjects
params:
sortBy: NAME
sortOrder: DESCENDING
query: "projects[].{display: @, actual_value: @}"
cache: true
paginate: true
codebuild_project_arn:
type: apicall
operation: codebuild.BatchGetProjects
params:
names:
- "{codebuild_target}"
query: "projects[0].arn"
cache: true
# Lambda function specific vars
lambda_function_target:
condition:
variable: target_type
equals: lambda_function
type: prompt
description: Select the Lambda function
choices: existing_lambda_functions
existing_lambda_functions:
type: apicall
operation: lambda.ListFunctions
params: {}
query: "sort(Functions[].FunctionName)"
cache: true
paginate: true
lambda_function_arn:
type: apicall
operation: lambda.GetFunction
params:
FunctionName: "{lambda_function_target}"
query: "Configuration.FunctionArn"
cache: true
# SNS function specific vars
sns_topic_target:
condition:
variable: target_type
equals: sns_topic
type: prompt
description: Select the SNS topic
choices: existing_sns_topics
existing_sns_topics:
type: apicall
operation: sns.ListTopics
params: {}
query: "sort(Topics[].TopicArn)"
cache: true
paginate: true
# Generalized vars
target_needs_role:
type: template
value: |
{% if {target_type} == codebuild_project %}yes{% endif %}
{% if {target_type} == lambda_function %}no{% endif %}
{% if {target_type} == sns_topic %}no{% endif %}
{% if {target_type} == logs_group %}no{% endif %}
target_role_arn:
condition:
variable: target_needs_role
equals: yes
type: prompt
description: Select the role to invoke target
choices: existing_roles
existing_roles:
type: apicall
operation: iam.ListRoles
params: {}
query: "sort_by(Roles[].{display: RoleName, actual_value: Arn}, &display)"
cache: true
paginate: true
target_arn:
type: template
value: |
{% if {target_type} == codebuild_project %}{codebuild_project_arn}{% endif %}
{% if {target_type} == lambda_function %}{lambda_function_arn}{% endif %}
{% if {target_type} == sns_topic %}{sns_topic_target}{% endif %}
{% if {target_type} == logs_group %}{logs_target}{% endif %}
preview:
shortname: Preview
description: Preview of wizard
values:
preview_type:
type: prompt
description: Select an preview format
choices:
- display: None
actual_value: preview_none
- display: AWS CLI command
actual_value: preview_cli_command
- display: AWS CloudFormation template
actual_value: preview_cfn_template
details:
value: preview_value
visible: True
description: "Preview"
preview_value:
type: template
value: |
{%if {preview_type} == preview_cli_command %}
{preview_cli_command_value}
{% endif %}
{%if {preview_type} == preview_cfn_template %}
{preview_cfn_template_value}
{% endif %}
preview_cli_command_value:
type: template
value: |
{% if {target_type} == lambda_function %}rule_arn=$({% endif %}aws events put-rule \
--name '{rule_name}' \
--description '{rule_description}' \
{%if {pattern_type} == schedule %}
--schedule-expression '{schedule_expression}' \
{% endif %}
{%if {pattern_type} == event_pattern %}
--event-pattern '{event_pattern_value}' \
{% endif %}
--query RuleArn --output text{% if {target_type} == lambda_function %})
{% endif %}
{% if {target_type} == lambda_function %}
aws lambda add-permission \
--function-name '{lambda_function_target}' \
--statement-id cli-wizard \
--action 'lambda:InvokeFunction' \
--principal 'events.amazonaws.com' \
--source-arn "$rule_arn"
{% endif %}
{% if {target_type} == sns_topic %}
aws sns get-topic-attributes \
--topic-arn {sns_topic_target} \
--query Attributes.Policy --output text > policy.json
# Update "Statement" list in policy.json to include:
# {{
# "Effect": "Allow",
# "Action": "sns:Publish",
# "Principal": {{
# "Service": "events.amazonaws.com"
# }},
# "Resource": "{sns_topic_target}"
# }}
aws sns set-topic-attributes \
--topic-arn {sns_topic_target} \
--attribute-name Policy \
--attribute-value file://policy.json
{% endif %}
{% if {target_type} == logs_group %}
aws logs put-resource-policy \
--policy-name 'WriteEventLogs' \
--policy-document '{logs_resource_policy}'
{% endif %}
aws events put-targets \
--rule '{rule_name}' \
--targets 'Id=cli-wizard-0,Arn={target_arn}{% if {target_needs_role} == yes %},RoleArn={target_role_arn}{% endif %}'
preview_cfn_template_value:
type: template
value: |
Resources:
{rule_name}:
Type: AWS::Events::Rule
Properties:
Name: {rule_name}
Description: {rule_description}
{%if {pattern_type} == schedule %}
ScheduleExpression: {schedule_expression}
{% endif %}
{%if {pattern_type} == event_pattern %}
EventPattern: {event_pattern_value}
{% endif %}
Targets:
- Id: cli-wizard-0
Arn: {target_arn}
{% if {target_needs_role} == yes %}
RoleArn: {target_role_arn}
{% endif %}
{% if {target_type} == lambda_function %}
LambdaPermission:
Type: AWS::Lambda::Permission
Properties:
Action: lambda:InvokeFunction
FunctionName: {lambda_function_target}
Principal: events.amazonaws.com
SourceArn:
Fn::GetAtt:
- {rule_name}
- Arn
{% endif %}
{% if {target_type} == sns_topic %}
SNSTopicPolcy:
Type: AWS::SNS::TopicPolicy
Properties:
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action: sns:Publish
Principal:
Service: events.amazonaws.com
Resource: {sns_topic_target}
Topics:
- {sns_topic_target}
{% endif %}
{% if {target_type} == logs_group %}
LogsGroupPolicy:
Type: AWS::Logs::ResourcePolicy
Properties:
PolicyName: WriteEventLogs
PolicyDocument: '{logs_resource_policy}'
{% endif %}
__DONE__:
execute:
default:
- type: define-variable
varname: put_rule_params
value:
Name: "{rule_name}"
Description: "{rule_description}"
- type: merge-dict
output_var: put_rule_params
condition:
variable: pattern_type
equals: schedule
overlays:
- "{put_rule_params}"
- ScheduleExpression: "{schedule_expression}"
- type: merge-dict
output_var: put_rule_params
condition:
variable: pattern_type
equals: event_pattern
overlays:
- "{put_rule_params}"
- EventPattern: "{event_pattern_value}"
- type: apicall
operation: events.PutRule
params: "{put_rule_params}"
query: "RuleArn"
output_var: rule_arn
# CloudWatch Logs specific calls
- type: apicall
condition:
variable: target_type
equals: logs_group
operation: logs.PutResourcePolicy
params:
policyName: WriteEventLogs
policyDocument: "{logs_resource_policy}"
# Lambda specific calls
- type: apicall
condition:
variable: target_type
equals: lambda_function
operation: lambda.AddPermission
params:
FunctionName: "{lambda_function_target}"
StatementId: cli-wizard
Action: lambda:InvokeFunction
Principal: events.amazonaws.com
SourceArn: "{rule_arn}"
# SNS specific calls
- type: apicall
condition:
variable: target_type
equals: sns_topic
operation: sns.GetTopicAttributes
params:
TopicArn: "{sns_topic_target}"
query: "Attributes.Policy"
output_var: topic_policy
- type: load-data
condition:
variable: target_type
equals: sns_topic
load_type: json
value: "{topic_policy}"
output_var: topic_policy
- type: merge-dict
condition:
variable: target_type
equals: sns_topic
output_var: topic_policy
overlays:
- "{topic_policy}"
- Statement:
- Effect: Allow
Action: sns:Publish
Principal:
Service: events.amazonaws.com
Resource: "{sns_topic_target}"
- type: dump-data
condition:
variable: target_type
equals: sns_topic
dump_type: json
value: "{topic_policy}"
output_var: topic_policy
- type: apicall
condition:
variable: target_type
equals: sns_topic
operation: sns.SetTopicAttributes
params:
TopicArn: "{sns_topic_target}"
AttributeName: Policy
AttributeValue: "{topic_policy}"
# General api calls for setting up target
- type: define-variable
varname: target_configuration
value:
Id: "cli-wizard-0"
Arn: "{target_arn}"
- type: merge-dict
output_var: target_configuration
condition:
variable: target_needs_role
equals: yes
overlays:
- "{target_configuration}"
- RoleArn: "{target_role_arn}"
- type: apicall
operation: events.PutTargets
params:
Rule: "{rule_name}"
Targets:
- "{target_configuration}"
__OUTPUT__:
value: |
Wizard successfully created rule with following properties:
Rule name: {rule_name}
Rule ARN: {rule_arn}
{%if {pattern_type} == schedule %}
Schedule expression: {schedule_expression}
{% endif %}
{%if {pattern_type} == event_pattern %}
Event pattern: {event_pattern_value}
{% endif %}
Target resource: {target_arn}
{% if {preview_type} == preview_cli_command %}
Steps to create rule is equivalent to running the following sample AWS CLI commands:
{preview_cli_command_value}
{% endif %}
{% if {preview_type} == preview_cfn_template %}
Steps to create rule is equivalent to deploying the following sample AWS CloudFormation template:
{preview_cfn_template_value}
{% endif %}