Provides an EventBridge Rule resource.
```terraform
resource "aws_cloudwatch_event_rule" "console" {
  name        = "capture-aws-sign-in"
  description = "Capture each AWS Console Sign In"

  event_pattern = jsonencode({
    detail-type = [
      "AWS Console Sign In via CloudTrail"
    ]
  })
}

resource "aws_cloudwatch_event_target" "sns" {
  rule      = aws_cloudwatch_event_rule.console.name
  target_id = "SendToSNS"
  arn       = aws_sns_topic.aws_logins.arn
}

resource "aws_sns_topic" "aws_logins" {
  name = "aws-console-logins"
}

resource "aws_sns_topic_policy" "default" {
  arn    = aws_sns_topic.aws_logins.arn
  policy = data.aws_iam_policy_document.sns_topic_policy.json
}

data "aws_iam_policy_document" "sns_topic_policy" {
  statement {
    effect  = "Allow"
    actions = ["SNS:Publish"]

    principals {
      type        = "Service"
      identifiers = ["events.amazonaws.com"]
    }

    resources = [aws_sns_topic.aws_logins.arn]
  }
}
```
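To verify before applying that a rule's `event_pattern` selects the events you intend (the sign-in pattern from the example above, plus a narrower failed-sign-in variant that is assumed here rather than taken from the page), the following is an added Python example, not part of the provider documentation: it implements the commonly used subset of EventBridge matching (exact values, nested objects, `prefix` and `exists` matchers) against a constructed sample event and checks the 2048-character pattern size quota. `SAMPLE_EVENT`, its field values and `FAILED_SIGN_IN_PATTERN` are assumptions made for the demonstration.

```python
import json

# Constructed sample: a CloudTrail ConsoleLogin event as EventBridge delivers it,
# trimmed to the fields used here (names and values are made up for the demo).
SAMPLE_EVENT = {
    "detail-type": "AWS Console Sign In via CloudTrail",
    "source": "aws.signin",
    "detail": {
        "eventName": "ConsoleLogin",
        "userIdentity": {"type": "IAMUser", "userName": "alice"},
        "responseElements": {"ConsoleLogin": "Success"},
    },
}
# The event_pattern from the example rule above, as jsonencode() emits it.
SIGN_IN_PATTERN = '{"detail-type":["AWS Console Sign In via CloudTrail"]}'
# Assumed narrower pattern: only failed console sign-ins (nested match on detail).
FAILED_SIGN_IN_PATTERN = """{"detail-type": ["AWS Console Sign In via CloudTrail"],
  "detail": {"responseElements": {"ConsoleLogin": ["Failure"]}}}"""

def pattern_size_ok(pattern_json, limit=2048):
    """The default EventBridge quota is 2048 characters (4096 after a quota increase)."""
    return len(pattern_json) <= limit

def load_pattern(pattern_json, limit=2048):
    """Parse an event_pattern string, rejecting one the service would refuse for size."""
    if not pattern_size_ok(pattern_json, limit):
        raise ValueError(f"event pattern is {len(pattern_json)} chars, quota is {limit}")
    return json.loads(pattern_json)

def _leaf_matches(rules, value):
    """A pattern leaf is a list; any single entry matching the event value is enough."""
    for rule in rules:
        if isinstance(rule, dict):  # matcher object: {"prefix": ...} or {"exists": ...}
            if "prefix" in rule and isinstance(value, str) and value.startswith(rule["prefix"]):
                return True
            if "exists" in rule and rule["exists"] == (value is not None):
                return True
        elif rule == value:  # plain entry: exact, case-sensitive comparison
            return True
    return False

def matches(pattern, event):
    """True when every pattern key is satisfied: keys are ANDed, leaf entries are ORed."""
    for key, rules in pattern.items():
        value = event.get(key)
        if isinstance(rules, dict):  # nested object: descend into the event sub-object
            if not isinstance(value, dict) or not matches(rules, value):
                return False
        elif not _leaf_matches(rules, value):
            return False
    return True
```

For the authoritative check against the service's own matcher, AWS exposes the same operation as `aws events test-event-pattern`.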
This resource supports the following arguments:

- `name` - (Optional) The name of the rule. If omitted, Terraform will assign a random, unique name. Conflicts with `name_prefix`.
- `name_prefix` - (Optional) Creates a unique name beginning with the specified prefix. Conflicts with `name`. Note: Due to the length of the generated suffix, must be 38 characters or less.
- `schedule_expression` - (Optional) The scheduling expression. For example, `cron(0 20 * * ? *)` or `rate(5 minutes)`. At least one of `schedule_expression` or `event_pattern` is required. Can only be used on the default event bus. For more information, refer to the AWS documentation Schedule Expressions for Rules.
- `event_bus_name` - (Optional) The name or ARN of the event bus to associate with this rule. If you omit this, the `default` event bus is used.
- `event_pattern` - (Optional) The event pattern, described as a JSON object. At least one of `schedule_expression` or `event_pattern` is required. See the full documentation of Events and Event Patterns in EventBridge for details. Note: The event pattern size limit is 2048 characters by default, but it is adjustable up to 4096 characters by submitting a service quota increase request. See Amazon EventBridge quotas for details.
- `force_destroy` - (Optional) Used to delete managed rules created by AWS. Defaults to `false`.
- `description` - (Optional) The description of the rule.
- `role_arn` - (Optional) The Amazon Resource Name (ARN) of the role that is used for target invocation.
- `is_enabled` - (Optional, Deprecated: use `state` instead) Whether the rule should be enabled. Defaults to `true`. Conflicts with `state`.
- `state` - (Optional) State of the rule. Valid values are `DISABLED`, `ENABLED`, and `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS`. When state is `ENABLED`, the rule is enabled for all events except those delivered by CloudTrail. To also enable the rule for events delivered by CloudTrail, set `state` to `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS`. Defaults to `ENABLED`. Conflicts with `is_enabled`. NOTE: The rule state `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` cannot be used in conjunction with the `schedule_expression` argument.
- `tags` - (Optional) A map of tags to assign to the resource. If configured with a provider `default_tags` configuration block present, tags with matching keys will overwrite those defined at the provider level.

This resource exports the following attributes in addition to the arguments above:

- `id` - The name of the rule.
- `arn` - The Amazon Resource Name (ARN) of the rule.
- `tags_all` - A map of tags assigned to the resource, including those inherited from the provider `default_tags` configuration block.

In Terraform v1.5.0 and later, use an `import` block to import EventBridge Rules using the `event_bus_name/rule_name` (if you omit `event_bus_name`, the `default` event bus will be used). For example:

```terraform
import {
  to = aws_cloudwatch_event_rule.console
  id = "example-event-bus/capture-console-sign-in"
}
```

Using `terraform import`, import EventBridge Rules using the `event_bus_name/rule_name` (if you omit `event_bus_name`, the `default` event bus will be used). For example:

```console
% terraform import aws_cloudwatch_event_rule.console example-event-bus/capture-console-sign-in
```