By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

EventBridge Troubleshooting

0

Team, I'm trying to trigger an event based on the Ec2 tag "key" (Using EventBridge), But it fails.

{ "source": ["aws.ec2"], "detail-type": ["EC2 Instance State-change Notification"], "detail": { "state": ["running"], } }

This creates Event

whereas

{ "source": ["aws.ec2"], "detail-type": ["EC2 Instance State-change Notification"], "detail": { "state": ["running"], "tags": ["Name"] } }

Doesn't . I took the json based on the cloudtrail event

"tagSpecificationSet": {
        "items": [
            {
                "resourceType": "instance",
                "tags": [
                    {
                        "key": "Name",
                        "value": "Instance3"
                    }
                ]
            }
        ]
    },

Question,

  • I believe the problem is with event pattern matching and me not having right source
  • Side note, The sample event in event change not notification doesn't have TAG. So, Is it event possible to use filter event based on TAG with the EventBridge?
Topics
ComputeServerlessApplication IntegrationManagement & Governance
Tags
Amazon EC2Amazon EventBridgeAmazon CloudWatch
Language
English
AWS-Consultant
asked 2 years ago1046 views
1 Answer
-1
Accepted Answer

The issue with your pattern is that you omitted the "Key" from there. It should be something like this (I based it on your example, did not check what the actual event looks like):

{
  "source": ["aws.ec2"],
  "detail-type": ["EC2 Instance State-change Notification"],
  "detail": { 
    "state": ["running"],
    "tagSpecificationSet": {
      "items": {
        "tags": {
          "key": ["Name"]
        }
      }
    }
  }
}

Note, the above pattern will match any tag that has a Key = Name. I assume you want to have a rule that matches Name = Instance3. This, i.e., correlating two attributes, is not supported by EventBridge Rules. If all you do is catch events regarding instances that have a tag names Name, this will work.

profile pictureAWS
EXPERT
Uri
answered 2 years ago
  • AWS-Consultant
    2 years ago

    That's a nice catch ! Unfortunately it didn't work . Probably do to with the actual event itself. How can log the events? (I tired DQL , But didn't work) Bcoz I'm now suspecting the Amazon EC2 State Change Event doesn't have "TAG" link https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/EventTypes.html#ec2_event_type . I'm looking for the event when EC2 is successfully created . Based on the event/json, so I can trigger the Run command (Target) by getting the Instance ID .

  • AWS-Consultant
    2 years ago

    The issue was due to the event not having the TAG

    { "version": "0", "id": "XX", "detail-type": "EC2 Instance State-change Notification", "source": "aws.ec2", "account": "123", "time": "2022-09-05T10:42:39Z", "region": "us-east-1", "resources": [ "XX" ], "detail": { "instance-id": "XX", "state": "running" } }

  • Jaime V
    6 months ago

    EC2 Instance State-change Notification do not specify tags within the Event JSON, for available JSON properties please see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-instance-state-changes.html

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content