CfnRuleProps
- class aws_cdk.aws_events.CfnRuleProps(*, description=None, event_bus_name=None, event_pattern=None, name=None, role_arn=None, schedule_expression=None, state=None, targets=None)
Bases:
object
Properties for defining a
CfnRule
.- Parameters:
description (
Optional
[str
]) – The description of the rule.event_bus_name (
Optional
[str
]) – The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used.event_pattern (
Any
) – The event pattern of the rule. For more information, see Events and Event Patterns in the Amazon EventBridge User Guide .name (
Optional
[str
]) – The name of the rule.role_arn (
Optional
[str
]) – The Amazon Resource Name (ARN) of the role that is used for target invocation. If you’re setting an event bus in another account as the target and that account granted permission to your account through an organization instead of directly by the account ID, you must specify aRoleArn
with proper permissions in theTarget
structure, instead of here in this parameter.schedule_expression (
Optional
[str
]) – The scheduling expression. For example, “cron(0 20 * * ? *)”, “rate(5 minutes)”. For more information, see Creating an Amazon EventBridge rule that runs on a schedule .state (
Optional
[str
]) – The state of the rule. Valid values include: -DISABLED
: The rule is disabled. EventBridge does not match any events against the rule. -ENABLED
: The rule is enabled. EventBridge matches events against the rule, except for AWS management events delivered through CloudTrail. -ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
: The rule is enabled for all events, including AWS management events delivered through CloudTrail. Management events provide visibility into management operations that are performed on resources in your AWS account. These are also known as control plane operations. For more information, see Logging management events in the CloudTrail User Guide , and Filtering management events from AWS services in the Amazon EventBridge User Guide . This value is only valid for rules on the default event bus or custom event buses . It does not apply to partner event buses .targets (
Union
[IResolvable
,Sequence
[Union
[IResolvable
,TargetProperty
,Dict
[str
,Any
]]],None
]) – Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule. Targets are the resources that are invoked when a rule is triggered. The maximum number of entries per request is 10. .. epigraph:: Each rule can have up to five (5) targets associated with it at one time. For a list of services you can configure as targets for events, see EventBridge targets in the Amazon EventBridge User Guide . Creating rules with built-in targets is supported only in the AWS Management Console . The built-in targets are: -Amazon EBS CreateSnapshot API call
-Amazon EC2 RebootInstances API call
-Amazon EC2 StopInstances API call
-Amazon EC2 TerminateInstances API call
For some target types,PutTargets
provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using theKinesisParameters
argument. To invoke a command on multiple EC2 instances with one rule, you can use theRunCommandParameters
field. To be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions: - For AWS Lambda and Amazon SNS resources, EventBridge relies on resource-based policies. - For EC2 instances, Kinesis Data Streams, AWS Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in theRoleARN
argument inPutTargets
. For more information, see Authentication and Access Control in the Amazon EventBridge User Guide . If another AWS account is in the same region and has granted you permission (usingPutPermission
), you can send events to that account. Set that account’s event bus as a target of the rules in your account. To send the matched events to the other account, specify that account’s event bus as theArn
value when you runPutTargets
. If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see Amazon EventBridge Pricing . .. epigraph::Input
,InputPath
, andInputTransformer
are not available withPutTarget
if the target is an event bus of a different AWS account. If you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify aRoleArn
with proper permissions in theTarget
structure. For more information, see Sending and Receiving Events Between AWS Accounts in the Amazon EventBridge User Guide . .. epigraph:: If you have an IAM role on a cross-account event bus target, aPutTargets
call without a role on the same target (sameId
andArn
) will not remove the role. For more information about enabling cross-account events, see PutPermission . Input , InputPath , and InputTransformer are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event: - If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target). - If Input is specified in the form of valid JSON, then the matched event is overridden with this constant. - If InputPath is specified in the form of JSONPath (for example,$.detail
), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed). - If InputTransformer is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target. When you specifyInputPath
orInputTransformer
, you must use JSON dot notation, not bracket notation. When you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect. This action can partially fail if too many requests are made at the same time. If that happens,FailedEntryCount
is non-zero in the response and each entry inFailedEntries
provides the ID of the failed target and the error code.
- See:
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_events as events # event_pattern: Any cfn_rule_props = events.CfnRuleProps( description="description", event_bus_name="eventBusName", event_pattern=event_pattern, name="name", role_arn="roleArn", schedule_expression="scheduleExpression", state="state", targets=[events.CfnRule.TargetProperty( arn="arn", id="id", # the properties below are optional app_sync_parameters=events.CfnRule.AppSyncParametersProperty( graph_ql_operation="graphQlOperation" ), batch_parameters=events.CfnRule.BatchParametersProperty( job_definition="jobDefinition", job_name="jobName", # the properties below are optional array_properties=events.CfnRule.BatchArrayPropertiesProperty( size=123 ), retry_strategy=events.CfnRule.BatchRetryStrategyProperty( attempts=123 ) ), dead_letter_config=events.CfnRule.DeadLetterConfigProperty( arn="arn" ), ecs_parameters=events.CfnRule.EcsParametersProperty( task_definition_arn="taskDefinitionArn", # the properties below are optional capacity_provider_strategy=[events.CfnRule.CapacityProviderStrategyItemProperty( capacity_provider="capacityProvider", # the properties below are optional base=123, weight=123 )], enable_ecs_managed_tags=False, enable_execute_command=False, group="group", launch_type="launchType", network_configuration=events.CfnRule.NetworkConfigurationProperty( aws_vpc_configuration=events.CfnRule.AwsVpcConfigurationProperty( subnets=["subnets"], # the properties below are optional assign_public_ip="assignPublicIp", security_groups=["securityGroups"] ) ), placement_constraints=[events.CfnRule.PlacementConstraintProperty( expression="expression", type="type" )], placement_strategies=[events.CfnRule.PlacementStrategyProperty( field="field", type="type" )], platform_version="platformVersion", propagate_tags="propagateTags", reference_id="referenceId", tag_list=[CfnTag( key="key", value="value" )], task_count=123 ), http_parameters=events.CfnRule.HttpParametersProperty( header_parameters={ "header_parameters_key": "headerParameters" }, path_parameter_values=["pathParameterValues"], query_string_parameters={ "query_string_parameters_key": "queryStringParameters" } ), input="input", input_path="inputPath", input_transformer=events.CfnRule.InputTransformerProperty( input_template="inputTemplate", # the properties below are optional input_paths_map={ "input_paths_map_key": "inputPathsMap" } ), kinesis_parameters=events.CfnRule.KinesisParametersProperty( partition_key_path="partitionKeyPath" ), redshift_data_parameters=events.CfnRule.RedshiftDataParametersProperty( database="database", # the properties below are optional db_user="dbUser", secret_manager_arn="secretManagerArn", sql="sql", sqls=["sqls"], statement_name="statementName", with_event=False ), retry_policy=events.CfnRule.RetryPolicyProperty( maximum_event_age_in_seconds=123, maximum_retry_attempts=123 ), role_arn="roleArn", run_command_parameters=events.CfnRule.RunCommandParametersProperty( run_command_targets=[events.CfnRule.RunCommandTargetProperty( key="key", values=["values"] )] ), sage_maker_pipeline_parameters=events.CfnRule.SageMakerPipelineParametersProperty( pipeline_parameter_list=[events.CfnRule.SageMakerPipelineParameterProperty( name="name", value="value" )] ), sqs_parameters=events.CfnRule.SqsParametersProperty( message_group_id="messageGroupId" ) )] )
Attributes
- description
The description of the rule.
- event_bus_name
The name or ARN of the event bus associated with the rule.
If you omit this, the default event bus is used.
- event_pattern
The event pattern of the rule.
For more information, see Events and Event Patterns in the Amazon EventBridge User Guide .
- name
The name of the rule.
- role_arn
The Amazon Resource Name (ARN) of the role that is used for target invocation.
If you’re setting an event bus in another account as the target and that account granted permission to your account through an organization instead of directly by the account ID, you must specify a
RoleArn
with proper permissions in theTarget
structure, instead of here in this parameter.
- schedule_expression
The scheduling expression.
For example, “cron(0 20 * * ? *)”, “rate(5 minutes)”. For more information, see Creating an Amazon EventBridge rule that runs on a schedule .
- state
The state of the rule.
Valid values include:
DISABLED
: The rule is disabled. EventBridge does not match any events against the rule.ENABLED
: The rule is enabled. EventBridge matches events against the rule, except for AWS management events delivered through CloudTrail.ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS
: The rule is enabled for all events, including AWS management events delivered through CloudTrail.
Management events provide visibility into management operations that are performed on resources in your AWS account. These are also known as control plane operations. For more information, see Logging management events in the CloudTrail User Guide , and Filtering management events from AWS services in the Amazon EventBridge User Guide .
This value is only valid for rules on the default event bus or custom event buses . It does not apply to partner event buses .
- targets
Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.
Targets are the resources that are invoked when a rule is triggered.
The maximum number of entries per request is 10. .. epigraph:
Each rule can have up to five (5) targets associated with it at one time.
For a list of services you can configure as targets for events, see EventBridge targets in the Amazon EventBridge User Guide .
Creating rules with built-in targets is supported only in the AWS Management Console . The built-in targets are:
Amazon EBS CreateSnapshot API call
Amazon EC2 RebootInstances API call
Amazon EC2 StopInstances API call
Amazon EC2 TerminateInstances API call
For some target types,
PutTargets
provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using theKinesisParameters
argument. To invoke a command on multiple EC2 instances with one rule, you can use theRunCommandParameters
field.To be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:
For AWS Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.
For EC2 instances, Kinesis Data Streams, AWS Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the
RoleARN
argument inPutTargets
.
For more information, see Authentication and Access Control in the Amazon EventBridge User Guide .
If another AWS account is in the same region and has granted you permission (using
PutPermission
), you can send events to that account. Set that account’s event bus as a target of the rules in your account. To send the matched events to the other account, specify that account’s event bus as theArn
value when you runPutTargets
. If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see Amazon EventBridge Pricing . .. epigraph:``Input`` , ``InputPath`` , and ``InputTransformer`` are not available with ``PutTarget`` if the target is an event bus of a different AWS account.
If you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a
RoleArn
with proper permissions in theTarget
structure. For more information, see Sending and Receiving Events Between AWS Accounts in the Amazon EventBridge User Guide . .. epigraph:If you have an IAM role on a cross-account event bus target, a ``PutTargets`` call without a role on the same target (same ``Id`` and ``Arn`` ) will not remove the role.
For more information about enabling cross-account events, see PutPermission .
Input , InputPath , and InputTransformer are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:
If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).
If Input is specified in the form of valid JSON, then the matched event is overridden with this constant.
If InputPath is specified in the form of JSONPath (for example,
$.detail
), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).If InputTransformer is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.
When you specify
InputPath
orInputTransformer
, you must use JSON dot notation, not bracket notation.When you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.
This action can partially fail if too many requests are made at the same time. If that happens,
FailedEntryCount
is non-zero in the response and each entry inFailedEntries
provides the ID of the failed target and the error code.