Last week, AWS announced a new CloudWatch feature:
events and schedules. It lets you build event-driven tools
that handle actions like stopping EC2 instances as well as build schedules like
UNIX’s cron system. Schedules can have 5-minute granularity, and if you
specify a time it will always be UTC.
If you’ve already got the AWS CLI installed and
configured you can use the aws events commands (docs
here). In this post, we’ll use the console to create the scheduled
event for the SSL expiration alerts in my last post.
The schedule we’ll set up is to run the expiration checks once a week on Mondays.
Console Introduction
Go to the CloudWatch console and click “Create Rule” to build our scheduled event.
Select “Schedule” from the event source dropdown menu. Scheduling an event lets you use cron syntax for fine-grained scheduling.
Scheduling Syntax
The event needs to run every Monday, and according to the
schedule syntax docs we can write 0 12 ? * MON *. This
breaks down as:
Now let’s put that in the “Cron expression” dialog box.
If you want alerts less frequently (or more) go ahead and tweak the cron syntax before moving on.
Connecting a Function
On the other side of the page, you’ll see an “Add target” button. This is where
you can connect functions to your schedule. If you followed the instructions in
the SSL expiration alerts post, you’ll have a function with a name
like SSLExpirationAlerting-SSLExpiryChecker..... available in the dropdown.
In this case, we also need to add something to the “Constant JSON text” box.
The SSL checker needs to know where to send alerts, since the topic isn’t
hard-coded in the Python code. Instead, it reads the topic parameter from the
event it receives here.
The scheduled event can send the topic when it invokes the question, so copy in
this JSON (filling in the ARN of the SNS topic). To get the ARN, check
the CloudFormation stack outputs. You should see an output named AlertingArn.
Copy that into the JSON where it says ARN GOES HERE.
{"topic": "ARN GOES HERE"}
Once that’s entered, click “Configure Details” in the lower right corner to save the event.
Finishing the Event Schedule
Now you can name your function something like “ssl-expiration-check” and save it.
This will run every Monday at 12:00 UTC (or 7 a.m. if you’re on the East Coast) without you needing to do anything else. For more information, you can read the full docs for CloudWatch Events to get an idea of what else you can do. Also look forward to future posts here on the subject.
Keep up with future posts via RSS. If you have suggestions, questions, or comments feel free to email me ryan@serverlesscode.com or tweet me @ryan_sb.