Scheduling Events With The CloudWatch Event Console

Use The CloudWatch Event Console To Schedule Checks And React To Intermittent Events

Posted by Ryan S. Brown on Sun, Jan 17, 2016
In General
Tags: lambda, cloudwatch, schedules, alerting

Last week, AWS announced a new CloudWatch feature: events and schedules. It lets you build event-driven tools that handle actions like stopping EC2 instances as well as build schedules like UNIX’s cron system. Schedules can have 5-minute granularity, and if you specify a time it will always be UTC.

If you’ve already got the AWS CLI installed and configured you can use the aws events commands (docs here). In this post, we’ll use the console to create the scheduled event for the SSL expiration alerts in my last post.

The schedule we’ll set up is to run the expiration checks once a week on Mondays.

Console Introduction

Go to the CloudWatch console and click “Create Rule” to build our scheduled event.

Rule create dialog

Select “Schedule” from the event source dropdown menu. Scheduling an event lets you use cron syntax for fine-grained scheduling.

Scheduling Syntax

The event needs to run every Monday, and according to the schedule syntax docs we can write 0 12 ? * MON *. This breaks down as:

Time Selection Syntax Meaning
Minute 0 On the hour
Hour 12 Noon UTC
Day of month ? Any day of the month
Month * All months
Day of week MON Monday
Year * All years

Now let’s put that in the “Cron expression” dialog box.

Input cron syntax

If you want alerts less frequently (or more) go ahead and tweak the cron syntax before moving on.

Connecting a Function

On the other side of the page, you’ll see an “Add target” button. This is where you can connect functions to your schedule. If you followed the instructions in the SSL expiration alerts post, you’ll have a function with a name like SSLExpirationAlerting-SSLExpiryChecker..... available in the dropdown.

Target selection dialog box

In this case, we also need to add something to the “Constant JSON text” box. The SSL checker needs to know where to send alerts, since the topic isn’t hard-coded in the Python code. Instead, it reads the topic parameter from the event it receives here.

The scheduled event can send the topic when it invokes the question, so copy in this JSON (filling in the ARN of the SNS topic). To get the ARN, check the CloudFormation stack outputs. You should see an output named AlertingArn. Copy that into the JSON where it says ARN GOES HERE.

{"topic": "ARN GOES HERE"}
Target config parameters

Once that’s entered, click “Configure Details” in the lower right corner to save the event.

Finishing the Event Schedule

Now you can name your function something like “ssl-expiration-check” and save it.

Name and save your events

This will run every Monday at 12:00 UTC (or 7 a.m. if you’re on the East Coast) without you needing to do anything else. For more information, you can read the full docs for CloudWatch Events to get an idea of what else you can do. Also look forward to future posts here on the subject.

Keep up with future posts via RSS or subscribe to the mailing list. If you have suggestions, questions, or comments feel free to email me or tweet me @ryan_sb.

Tweet this, send to Hackernews, or post on Reddit