I'm attempting to set up a Cloudwatch Event Rule to notify on any AWS IAM actions like DeleteUser or CreateUser. But when I tried to create an event pattern I couldn't find IAM in the service Name list even though when I searched in the AWS documentation i cant's find a mention of IAM not being supported by Cloudwatch event rules. So I tried to create a custom event but i didn't receive any email from SNS (my target), and yes I made sure cloudwatch has permissions to invoke SNS as we already have other working events, any idea on why this is not working ?
{
"source":[
"aws.iam"
],
"detail-type":[
"AWS API Call via CloudTrail"
],
"detail":{
"eventSource":[
"iam.amazonaws.com"
],
"eventName":[
"CreateUser",
"DeleteUser"
]
}
}
I figure it out, IAM emits cloudtrail events only in us-eas-1 and I'm using a different region, it worked when I created the Cloudwatch event in N. Virgenia
The source parameter needs to be "aws.cloudtrail" not "aws.iam".
IAM policy is a global service. It can only report in US-East-1(N.Virginia).
I have same exact config and the region is same as well but creating a new user still don't trigger the event as there is event in clouldtrail as well as in the monitoring of the event rule created. I see that they say in document that cloudtrail has to be enabled but when I create a rule for security group modification which is ec2 events then it is working fine but not with iam one. Is there any permission that I am missing for aws events to send logs to clould trail , if so how did you guys resolved it.
I am trying to add a trigger rule to a lambda version using cli:
I try the following command:
aws events put-targets --rule rule-name --targets "Id"="1","Arn"="arn..."
This commands run successfully and I can see my lambda function in Event Bridge console under targets. But when I go to lambda function and to the version I don't see any trigger event being added.
I am not sure if this an error/bug or expected behavior. Is there a way to add a trigger event to a published version of lambda function such that it shows in trigger console (essentially to show that trigger event is added successfully) using aws cli.
Use CDK. It will work
Create a lambda function and a rule using cdk. Then you can add that rule to lambda.
This works with CDK. But it doesn't work with CLI as you said. The trigger doesn't get added in lambda.
Sample code:
Note: This is not the complete CDK code. This is just the part for creating lambda,rule and adding it to lambda. This example is in Python
fn = lambda_.Function(self, "Name",
runtime=lambda_.Runtime.PYTHON_3_7,
handler="index.lambda_handler",
role=custom_role,
code=lambda_.Code.from_asset(
os.path.join(
up_dir(__file__, 2),
"resources/lambda/pathtoyourcode",
)
),
)
# Run Every Minute
run_every_minute = _events.Rule(
self,
"runEveryMinute",
schedule=_events.Schedule.rate(core.Duration.minutes(1))
)
# Add Lambda to CW Event Rule
run_every_minute.add_target(_targets.LambdaFunction(fn))
Via awscli > $ aws s3api put-bucket-notification-configuration
CONSOLE
I have had the same problem, it's a little bit frustating but, i've found other way and maybe a more logical way. Triggers in Lambda Console only support a few message notification services. And seems to be mostly for test purposes. Although, there's a way to invoke your lambda function from an event in S3.
To configure S3 to send some event file at some lambda function from some event occurs on your bucket, just go to your bucket through this path in S3 Console:
BucketName > Properties > EventNotifications !
AWSCLI
there you can configure your event source, even awscli support it vi 's3api' service command:
#$ aws s3api put-bucket-notification # Deprecated
#$ aws s3api put-bucket-notification-configuration
the last one support the following destination from S3:
Lambda functions
SNS Topic
SQS Queue
Ref using S3 Triggers with Lambda https://docs.aws.amazon.com/lambda/latest/dg/with-s3-tutorial.html#with-s3-tutorial-configure-event-source
It seems like this is not possible at the moment. I have checked the aws-sdk and there is a createEventSourceMapping method but that one only allows for DynamoDB, Kinesis, etc.
https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Lambda.html#createEventSourceMapping-property
I have created a Lambda function which will be triggered via a subscription to a CloudWatch Log Pattern and the function will in-turn pass the logs to a web-hook (Refer https://gist.github.com/tomfa/f4e090cbaff0189eba17c0fc301c63db).
Now, I need this lambda function to EXECUTE only if the the function is called "x" times in "y" minutes.
Is it possible to disable/enable a lambda through SNS. Another idea is to
1. Create CloudWatch Events on State Change
2. Subscribe this to a SNS which will
enables the lambda, if state goes from OK to ALARM
disables the lambda, if state goes back to OK
You can use CloudWatch Events to send a message to an Amazon SNS topic on a schedule. make sure you are in correct region as as CloudWatch Events is not available in every region.
https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/WhatIsCloudWatchEvents.html
How to configure Cloudwatch :
AWS Lambda Scheduled Tasks
run scheduled task in AWS without cron
AWS Lambda Scheduled Tasks
Use CloudWatch and get metrics about the lambda invocation and error and you can find successful call and error , threshold count. now you can use AWS SDK
https://docs.aws.amazon.com/cli/latest/reference/cloudwatch/get-metric-data.html
export.handler = function(event, context, callback) {
apiCall().then(resp => callback(null, resp).catch(err => callback(err));
}
You could create a custom CloudWatch Metric based of your search filter of the CloudWatch Logs
Examples of this can be found in the Amazon CloudWatch Logs User Guide
Count Log Events
aws logs put-metric-filter \
--log-group-name MyApp/access.log \
--filter-name EventCount \
--filter-pattern "" \
--metric-transformations \
metricName=MyAppEventCount,metricNamespace=MyNamespace,metricValue=1,defaultValue=0
Count Occurrences
aws logs put-metric-filter \
--log-group-name MyApp/message.log \
--filter-name MyAppErrorCount \
--filter-pattern 'Error' \
--metric-transformations \
metricName=ErrorCount,metricNamespace=MyNamespace,metricValue=1,defaultValue=0
Then you can go in and create a CloudWatch Alarm that will fire based on x of these events being logged in y time span. The CloudWatch Alarm can send a message to an SNS topic that triggers your Lambda function
I'm creating a logs aggregator lambda to send Cloudwatch logs to a private log analysis service. Given the number of resources used by my employer, it was decided to create a subscription lambda that handles log group subscription to the aggregator.
The solution works fine, but it requires to manually search a resource's log group via amazon console and then invoke the subscription lambda with it.
My question:
Is there a way to, given a resource arn, find which log group is mapped to it? Since I'm using Cloudformation to create resources it is easy to export a resource's arn.
UPDATE
To present an example:
Let's say I have the following arn:
arn:aws:appsync:<REGION>:<ACCOUNTID>apis/z3pihpr4gfbzhflthkyjjh6yvu
which is an Appsync GraphQL API.
What I want it a method (using te API or some automated solution) to get the Cloudwatch log group of that resource.
You can try the describe-log-groups command. It is available on the cli, must also be there on the API.
To get the names of the log groups you can go with:
aws logs describe-log-groups --query 'logGroups[*].logGroupName' --log-group-name-prefix '/aws/appsync/[name-of-the-resource]'
Output will look like this:
[
"/aws/appsync/[name-of-your-resource]"
]
Amazon announced AWS Lambda (http://aws.amazon.com/lambda/).
The product description includes:
Scheduled Tasks
AWS Lambda functions can be triggered by external event timers, so
functions can be run during regularly scheduled maintenance times or
non-peak hours. For example, you can trigger an AWS Lambda function to
perform nightly archive cleanups during non-busy hours.
When I read this, I understood I could finally have a way to consistently do "cron-like" tasks. I want to run a specific query everyday at 5PM let's say.
However I do not find this anywhere in the documentation. They only mention triggers on programatical events, or events from other AWS services.
Did I misunderstand? Or can someone point me to the documentation?
Native Support for Scheduled Events added October 8, 2015:
As announced in this AWS blog post, scheduling is now supported as an event source type (also called triggers) called "CloudWatch Events - Schedule", and can be expressed as a rate or a cron expression.
Add Scheduled Event to a new lambda
Navigate to the 'Configure triggers' step of creation, and specify the 'CloudWatch Event - Schedule' trigger. Example configuration below:
Add Scheduled Event to an existing lambda
Navigate to the 'Triggers' tab of your lambda, select 'Add Trigger', and specify the 'CloudWatch Event - Schedule' trigger. Example screenshot where I have an existing lambda with an SNS trigger:
Once loaded, the UI to configure this trigger is identical to the screenshot in the above "Add Scheduled Event to a new lambda" section above.
Discussion
For your example case, you'll want to use cron() instead of rate(). Cron expressions in lambda require all fields and are expressed in UTC. So to run a function every day at 5pm (UTC), use the following cron expression:
cron(0 17 * * ? *)
Further Resources
AWS Documentation - Schedule Expressions Using Rate or Cron
AWS Documentation - Run an AWS Lambda Function on a Schedule Using the AWS CLI
AWS Documentation - Tutorial: Using AWS Lambda with Scheduled Events
AWS has provided a sample "blueprint" that uses a cron expression called lambda-canary that can be selected during function creation from the AWS console.
This tutorial walks you through configuration of this blueprint.
Notes
The name of this event type has changed from "Scheduled Event" to "CloudWatch Events - Schedule" since this feature was first released.
Prior to the release of this feature, the recommended solution to this issue (per "Getting Started with AWS Lambda" at 42min 50secs) was to use SWF to create a timer, or to create a timer with an external application.
The Lambda UI has been overhauled since the scheduled event blog post came out, and the screenshots within are no longer exact. See my updated screenshots above from 3/10/2017 for latest revisions.
Since the time of this post, there seems to have risen another solution: Schedule Recurring AWS Lambda Invocations With The Unreliable Town Clock (UTC) in which the author proposes subscribing to the SNS topic Unreliable Town Clock. I've used neither SWF nor SNS, but it seems to me that the SNS solution is simpler. Here's an excerpt from the article
Unreliable Town Clock (UTC)
The Unreliable Town Clock (UTC) is a new, free, public SNS Topic
(Amazon Simple Notification Service) that broadcasts a “chime” message
every quarter hour to all subscribers. It can send the chimes to AWS
Lambda functions, SQS queues, and email addresses.
You can use the chime attributes to run your code every fifteen
minutes, or only run your code once an hour (e.g., when minute ==
"00") or once a day (e.g., when hour == "00" and minute == "00") or
any other series of intervals.
You can even subscribe a function you only want to run only once at a
specific time in the future: Have the function ignore all invocations
until it’s after the time it wants. When it is time, it can perform
its job, then unsubscribe itself from the SNS Topic.
Connecting your code to the Unreliable Town Clock is fast and easy. No
application process or account creation is required
NEW SOLUTION: Lambda Scheduled Jobs
Werner Vogel has announced tonight (10/08) at re:Invent that AWS Lambda now has it's own scheduler.
Se the AWS Lambda release note on 2015-10-08 :
You can also set up AWS Lambda to invoke your code on a regular,
scheduled basis using the AWS Lambda console. You can specify a fixed
rate (number of hours, days, or weeks) or you can specify a cron
expression. For an example, see Walkthrough 5: Using Lambda Functions
to Process Scheduled Events (Python).
OLD SOLUTION: Scheduling with AWS Data Pipeline
You can use AWS Data Pipeline to schedule a task with a given period. The action can be any command when you configure your Pipeline with the ShellCommandActivity.
You can for example run an AWS CLI command to:
Put a message to SQS
or directly invoke a Lambda function (see invoke)
You can easily create the AWS Data Pipeline scheduled task directly within AWS console (e.g. with an AWS CLI command) :
You can also use the API to define your scheduling:
{
"pipelineId": "df-0937003356ZJEXAMPLE",
"pipelineObjects": [
{
"id": "Schedule",
"name": "Schedule",
"fields": [
{ "key": "startDateTime", "stringValue": "2012-12-12T00:00:00" },
{ "key": "type", "stringValue": "Schedule" },
{ "key": "period", "stringValue": "1 hour" },
{ "key": "endDateTime", "stringValue": "2012-12-21T18:00:00" }
]
}, {
"id": "DoSomething",
"name": "DoSomething",
"fields": [
{ "key": "type", "stringValue": "ShellCommandActivity" },
{ "key": "command", "stringValue": "echo hello" },
{ "key": "schedule", "refValue": "Schedule" }
]
}
]
}
Limits: Minimum scheduling interval is 15 minutes.
Pricing: About $1.00 per month.
Here is how I do it:
Create Lambda which:
purges given SQS
sends there message with delay 10 minutes
https://gist.github.com/mikeplavsky/5ffe7e33e0d70a248537
Create CloudWatch Alarm for: ApproximateNumberOfMessagesVisible > 0 for 1 minute
Subscribe SNS Topic to the Alarm
Subscribe Lambda to SNS Topic
Now you have a timer with approximately 15 minutes resolution.
Then other Lambda functions are subscribed to SNS Topic and called every 15 minutes.
Since it is now easily possible to trigger lambda functions over HTTP (e.g. using GET or curl) a simple solution is to use a managed CRON like easycron: https://www.easycron.com/ to trigger your lambda function into running.
We had the same problem and ended up running a cron service on Google App Engine in python since this allowed for more flexibility and complexity in the CRON job itself.
In the Function page, Add trigger, you can add a CloudWatch Events, and make it as a schedule type
Run as cron in AWS
An example to setup cloudwatch schedule event trigger for you lambda using cloudformation.
LambdaSchedule:
Type: "AWS::Events::Rule"
Properties:
Description: A schedule for the Lambda function..
ScheduleExpression: rate(5 minutes)
State: ENABLED
Targets:
- Arn: !Sub ${LambdaFunction.Arn}
Id: LambdaSchedule
LambdaSchedulePermission:
Type: "AWS::Lambda::Permission"
Properties:
Action: 'lambda:InvokeFunction'
FunctionName: !Sub ${LambdaFunction.Arn}
Principal: 'events.amazonaws.com'
SourceArn: !Sub ${LambdaSchedule.Arn}
LambdaFunction:
Type: "AWS::Lambda::Function"
Properties:
Description: Scheduled lambda to run every 5 minutes
CodeUri: ./build/package.zip
Handler: index.lambda_handler
MemorySize: 128
Runtime: python3.6
AWS Recently(10-Nov-2022) launched a new service called EventBridge Scheduler or you can choose EventBridge Rules for this as well. As per your example here I'm going to trigger an event every day at 5.00 A.M. As you can see it shows us the next 10 trigger dates and times as well, this will really help us to manually check our cron before doing anything.
Please note, if you want to start this schedule on a specific date and time, please choose EventBridge Scheduler for that. It has a Timeframe option. If you want to know more information about Timeframeplease have look at this answer.
In the target section, you can select 35 AWS Lambda function options.
Hope this will help you.
You could schedule it with cloudWatch events too. Create rule -> attach target (lambda) and set up cron/rate wise schedule on your rule.
The web-console way is pretty straightforward. Just create a CloudWatch rule for the lambda and add it in the lambda's Triggers tab.
For those who needs to automate that with aws cli, we can
create the function,
create the rule,
grant the permission,
link rule and function
Create function
aws lambda create-function --function-name ${FUNCTION-NAME} \
--runtime java8 \
--role 'arn:aws:iam::${Account}:role/${ROLE}' \
--handler org.yourCompany.LambdaApp \
--code '{"S3Bucket":"yourBucket", "S3Key": "RC/yourapp.jar"}' \
--description 'check hive connection' \
--timeout 180 \
--memory-size 384 \
--publish \
--vpc-config '{"SubnetIds": ["subnet-1d2e3435", "subnet-0df4547a"], "SecurityGroupIds": ["sg-cb17b1ae", "sg-0e7ae277"]}' \
--environment Variables={springEnv=dev}
Create rules
## create
aws events put-rule --name ${ruleName} \
--schedule-expression 'rate(5 minutes)' \
--state ENABLED \
--description 'check hive connection'
# grant permission to the Rule to allow it to trigger the function
aws lambda add-permission --function-name ${functionName} \
--statement-id 123 \
--action 'lambda:InvokeFunction' \
--principal events.amazonaws.com \
--source-arn arn:aws:events:us-east-1:acc:rule/${ruleName}
# link rule and function
aws events put-targets --rule ${ruleName} \
--targets '[{"Id":"1", "Arn":"arn:aws:lambda:us-east-1:acc:function:RC-checkhive"}]'
simple way to run your query in lambda for particular time interval is to set rule for your lambda function. for that after creating lambda function go to cloudwatch>>rules>>schedule. and define cron expression and in the target section select lambda function which you want to trigger.
Posted - 27 June 2021
You can schedule AWS Lambda functions using Amazon EventBridge
Here I am using AWS Management Console
Select your Lambda function and in configuration select "Triggers"
Select EventBridge(CloudWatch Events) - Basically this is the latest version of one of the popular answers(using CloudWatch triggers).
Create a new rule - Add details. My lambda will be triggered at 4pm UTC everday.
EventsBridge (CloudWatch) Solution:
You can create an AWS Events Bridge Rule and set a Lambda function as the target using its ARN. You can specify a rate or cron schedule expression. For example, the following expression will run your Lambda function after every ten minutes on all weekdays.
schedule = "cron(0/10 * ? * MON-FRI *)"
Note that your EventsBridge role will also require the lambda:InvokeFunction permission so EventsBridge can trigger your Lambda function.
Here's a full tutorial for the Terraform setup for this architecture: https://medium.com/geekculture/terraform-setup-for-scheduled-lambda-functions-f01931040007
While creating the lambda function create trigger "CloudWatch Events - Schedule"
Now you can either use AWS presets in schedule expression like rate = 15 min or you can use a cron expression.
For your requirement the Cron Schedule is "0 0 17 1/1 * ? *"
Here's an example of deploying up a Scheduled Lambda to run every 10 minutes using Serverless. The function handler is located at src/scheduled/index.handler and the rate is specified in the Lambda's settings. AWS uses EventBridge now to control when the Lambda should be invoked. That is all setup automatically for you when using Serverless. You can see the setup in the AWS console by viewing the Lambda or by looking at the "default" EventBridge in the EventBridge section.
https://carova.io/snippets/serverless-aws-lambdafunction-scheduled-cronjob
Diksha is AWS Lambda Scheduler based on AWS SWF Trigger as recommended by AWS Team. One can schedule jobs using cron expressions and can also specify how many time you want to run, when to start or when to end. You can view status as well as history of scheduled jobs. Security is managed by AWS policies.
Once you set up diksha engine, you can schedule functions using cron expression in following way:
java -jar diksha-client-0.0.1.jar -lcfg cf1 -cj "jobName|functionName|context|0 0-59 * * * *|10"
In this job job will run every minute for 10 times. AWS SWF will trigger function by itself.
Details: https://github.com/milindparikh/diksha
Disclaimer: I am contributor to the project.