EventBridge Rule for SecretsManager Rotation events

0

Hello, I followed this documentation https://docs.aws.amazon.com/secretsmanager/latest/userguide/monitoring-eventbridge.html#monitoring-eventbridge_examples-rotations to create an EventBridge rule with the following content:

{
  "source": ["aws.secretsmanager"],
  "detail": {
    "eventSource": ["secretsmanager.amazonaws.com"],
    "eventName": ["GetSecretValue", "PutSecretValue", "UpdateSecret", "RotationSucceeded"]
  },
  "$or": [{
    "detail-type": ["AWS API Call via CloudTrail"]
  }, {
    "detail-type": ["AWS Service Event via CloudTrail"]
  }]
}

But this role is never getting triggered; there are no Invocations or FailedInvocations in the metrics, although I can see events in the CloudTrail console.

But when I change the rule to:

{
  "source": ["com.david.test"]
}

And send a custom event into the default event bus, it successfully matches the rule and triggers the target Lambda:

{
  "version": "0",
  "id": "5d9c4271-1011-76eb-6c4d-5c6948dd43cb",
  "detail-type": "Test",
  "source": "com.david.test",
  "account": "551708916738",
  "time": "2023-05-12T14:52:03Z",
  "region": "us-east-1",
  "resources": [],
  "detail": {
    "eventSource": "com.david.test"
  }
}

I can't understand why it works with custom test events but not AWS Service events in CloudTrail?

Thank you
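
An added example, not part of the original post and not AWS code: a simplified local matcher covering only the features this rule uses (nested keys, exact-value lists, `$or`), to check the pattern logic against sample events without involving the event bus. The CloudTrail-style events are constructed and trimmed to the fields the rule inspects; `mismatches` is a hypothetical helper name.

```python
def mismatches(pattern, event, path=""):
    """Return the pattern paths that `event` fails; an empty list means a match."""
    failed = []
    for key, want in pattern.items():
        here = f"{path}{key}"
        if key == "$or":
            # "$or" lists alternative sub-patterns evaluated at the same level.
            if all(mismatches(alt, event, path) for alt in want):
                failed.append(here)
        elif isinstance(want, dict):
            sub = event.get(key)
            if isinstance(sub, dict):
                failed += mismatches(want, sub, here + ".")
            else:
                failed.append(here)
        else:
            # A list in the pattern means "the event value is one of these".
            have = event.get(key)
            values = have if isinstance(have, list) else [have]
            if key not in event or not any(v in want for v in values):
                failed.append(here)
    return failed

# The rule pattern exactly as posted in the question.
RULE = {
    "source": ["aws.secretsmanager"],
    "detail": {
        "eventSource": ["secretsmanager.amazonaws.com"],
        "eventName": ["GetSecretValue", "PutSecretValue", "UpdateSecret", "RotationSucceeded"],
    },
    "$or": [{"detail-type": ["AWS API Call via CloudTrail"]},
            {"detail-type": ["AWS Service Event via CloudTrail"]}],
}

def sm_event(detail_type, event_name):
    """Constructed sample event, reduced to the fields the rule looks at."""
    return {"source": "aws.secretsmanager", "detail-type": detail_type,
            "detail": {"eventSource": "secretsmanager.amazonaws.com", "eventName": event_name}}

ROTATION = sm_event("AWS Service Event via CloudTrail", "RotationSucceeded")
PUT_VALUE = sm_event("AWS API Call via CloudTrail", "PutSecretValue")
DELETE = sm_event("AWS API Call via CloudTrail", "DeleteSecret")
# The custom test event from the question, reduced to the same fields.
CUSTOM = {"source": "com.david.test", "detail-type": "Test",
          "detail": {"eventSource": "com.david.test"}}

if __name__ == "__main__":
    for name, ev in [("rotation", ROTATION), ("put", PUT_VALUE), ("delete", DELETE), ("custom", CUSTOM)]:
        print(name, mismatches(RULE, ev) or "MATCH")
```

An empty result for an event of the expected shape means the pattern logic accepts it, so the remaining question is whether such events are actually delivered to the bus the rule is attached to.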

1 Answer
0
AWS
vtjean
answered a year ago
