Amazon EventBridge support for ACM - AWS Certificate Manager

Amazon EventBridge support for ACM

This topic lists and describes the ACM related events supported by Amazon EventBridge.

AWS health events

ACM generates AWS health events in response to changes in the state of a certificate.

One of the following event type codes is included with each event. The codes are exposed as variables that you can use for filtering.

  • AWS_ACM_RENEWAL_STATE_CHANGE (the certificate has been renewed, has expired, or is due to expire)

  • CAA_CHECK_FAILURE (CAA check failed)

  • AWS_ACM_RENEWAL_FAILURE (for certificates signed by a private CA)

Health events have the following structure. In this example, an AWS_ACM_RENEWAL_STATE_CHANGE event has been generated.

{ "source":[ "" ], "detail-type":[ "AWS Health Event" ], "detail":{ "service":[ "ACM" ], "eventTypeCategory":[ "scheduledChange" ], "eventTypeCode":[ "AWS_ACM_RENEWAL_STATE_CHANGE" ] } }

ACM expiration events

Certificates generated by ACM renew automatically, but imported certificates need to be re-issued and re-imported into ACM prior to expiration to avoid outages. ACM expiration events are generated to provide notice of approaching expiration.

Expiration events have the following structure.

{ "version": "0", "id": "9c95e8e4-96a4-ef3f-b739-b6aa5b193afb", "detail-type": "ACM Certificate Approaching Expiration", "source": "aws.acm", "account": "123456789012", "time": "2020-09-30T06:51:08Z", "region": "us-east-1", "resources": [ "arn:aws:acm:us-east-1:123456789012:certificate/61f50cd4-45b9-4259-b049-d0a53682fa4b" ], "detail": { "DaysToExpiry": 31, "CommonName": "My Awesome Service" } }