amazon web services - How to create a CloudWatch alarm for an EventBridge Pipe's stopped state in AWS? - Stack Overflow

I am working with AWS EventBridge Pipes using Terraform, and I want to create a CloudWatch alarm that notifies me whenever a pipe transitions to the Stopped state. However, I encountered an issue since EventBridge Pipes do not seem to have a built-in CloudWatch metric like PipeState.

  • I don't have CloudWatch logs for pipes due to project requirements.
  • In AWS console > CloudTrail > Event History, I can see an event with the name "StopPipe" when a pipe is stopped. The event source is "pipes.amazonaws.com", and the resource type is "AWS::Pipes::Pipe".

I have tried setting up the following resources using Terraform:

  1. A CloudWatch Event Rule to capture the StopPipe event from CloudTrail.
  2. An SNS Topic for notifications.
  3. A CloudWatch Metric Alarm to trigger when the event is detected.

Problem: When the pipe is stopped, the CloudWatch alarm is not firing; the StopPipe event is visible in CloudTrail > Event history.

I need help with where I might be going wrong or if there's a different approach I should consider. Any guidance would be much appreciated!

Code:

# Resource: CloudWatch Event Rule to capture StopPipe event from CloudTrail
resource "aws_cloudwatch_event_rule" "pipe_stop_status_rule" {
  name        = "pipe-stop-status-rule"
  description = "CloudWatch rule to capture StopPipe events from CloudTrail"

  event_pattern = jsonencode({
    "source"     = ["pipes.amazonaws.com"],
    "detail-type" = ["AWS API Call via CloudTrail"],
    "detail" = {
      "eventName" = ["StopPipe"]
    }
  })
}

# Resource: CloudWatch Event Target to send the event to SNS
resource "aws_cloudwatch_event_target" "pipe_stop_event_target" {
  rule      = aws_cloudwatch_event_rule.pipe_stop_status_rule.name
  target_id = "sns-target"
  arn       = aws_sns_topic.pipe_alarm_topic.arn
}

# Resource: SNS Topic for Notifications
resource "aws_sns_topic" "pipe_alarm_topic" {
  name = "pipe-stopped-alarm-topic"
}

# Resource: SNS Topic Subscription (Email)
resource "aws_sns_topic_subscription" "email_subscription" {
  topic_arn = aws_sns_topic.pipe_alarm_topic.arn
  protocol  = "email"
  endpoint  = "[email protected]"  # Replace with your email
}

# Resource: CloudWatch Alarm for monitoring StopPipe events
resource "aws_cloudwatch_metric_alarm" "pipe_stop_alarm" {
  alarm_name          = "pipe-stop-status"
  comparison_operator = "GreaterThanOrEqualToThreshold"
  evaluation_periods  = 1
  metric_name         = "StopPipeEventDetected"
  namespace           = "Custom/EventBridgePipes"
  period              = 60
  statistic           = "Sum"
  threshold           = 1

  alarm_description = "Triggers when a StopPipe event is detected"
  actions_enabled   = true

  alarm_actions = [
    aws_sns_topic.pipe_alarm_topic.arn
  ]
}

asked Jan 4 at 20:47 by Vicky

1 Answer

Based on the Terraform docs for the aws_cloudwatch_event_rule resource, the SNS topic seems to be missing the topic policy resource and a corresponding policy document. Something like the following should work:

resource "aws_cloudwatch_event_rule" "pipe_stop_status_rule" {
  name        = "pipe-stop-status-rule"
  description = "CloudWatch rule to capture StopPipe events from CloudTrail"

  event_pattern = jsonencode({
    "source"     = ["pipes.amazonaws.com"],
    "detail-type" = ["AWS API Call via CloudTrail"],
    "detail" = {
      "eventName" = ["StopPipe"]
    }
  })
}

# Resource: CloudWatch Event Target to send the event to SNS
resource "aws_cloudwatch_event_target" "pipe_stop_event_target" {
  rule      = aws_cloudwatch_event_rule.pipe_stop_status_rule.name
  target_id = "sns-target"
  arn       = aws_sns_topic.pipe_alarm_topic.arn
}

# Resource: SNS Topic for Notifications
resource "aws_sns_topic" "pipe_alarm_topic" {
  name = "pipe-stopped-alarm-topic"
}

data "aws_iam_policy_document" "pipe_alarm" {
  statement {
    sid    = "CloudWatch"
    effect = "Allow"
    principals {
      type = "Service"
      identifiers = [
        "cloudwatch.amazonaws.com"
      ]
    }
    actions = [
      "SNS:Publish"
    ]
    resources = [
      aws_sns_topic.pipe_alarm_topic.arn
    ]
    condition {
      test     = "ArnLike"
      variable = "aws:SourceArn"
      values = [
        "arn:aws:cloudwatch:<region>:<account id>:alarm:*"
      ]
    }
    condition {
      test     = "StringEquals"
      variable = "aws:SourceAccount"
      values = [
        "<account id>"
      ]
    }
  }
}

resource "aws_sns_topic_policy" "pipe_alarm" {
  arn    = aws_sns_topic.pipe_alarm_topic.arn
  policy = data.aws_iam_policy_document.pipe_alarm.json
}

# Resource: SNS Topic Subscription (Email)
resource "aws_sns_topic_subscription" "email_subscription" {
  topic_arn = aws_sns_topic.pipe_alarm_topic.arn
  protocol  = "email"
  endpoint  = "[email protected]"  # Replace with your email
}

# Resource: CloudWatch Alarm for monitoring StopPipe events
resource "aws_cloudwatch_metric_alarm" "pipe_stop_alarm" {
  alarm_name          = "pipe-stop-status"
  comparison_operator = "GreaterThanOrEqualToThreshold"
  evaluation_periods  = 1
  metric_name         = "StopPipeEventDetected"
  namespace           = "Custom/EventBridgePipes"
  period              = 60
  statistic           = "Sum"
  threshold           = 1

  alarm_description = "Triggers when a StopPipe event is detected"
  actions_enabled   = true

  alarm_actions = [
    aws_sns_topic.pipe_alarm_topic.arn
  ]
}
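
An added example, not code from the question or the answer: nothing in the configuration on this page publishes the `Custom/EventBridgePipes` / `StopPipeEventDetected` metric, so an alarm on it never receives a datapoint. The sketch below instead alarms on the built-in `AWS/Events` `TriggeredRules` metric for the rule, matches the event on `source = "aws.pipes"` (the form EventBridge uses for CloudTrail-delivered API calls), and scopes the topic policy to that one rule; all `pipe_stop_example` names are hypothetical.

```hcl
resource "aws_sns_topic" "pipe_stop_example" { name = "pipe-stopped-example" }

# CloudTrail-delivered API calls carry source "aws.<service>"; the
# "<service>.amazonaws.com" name appears in detail.eventSource instead.
resource "aws_cloudwatch_event_rule" "pipe_stop_example" {
  name = "pipe-stop-example"
  event_pattern = jsonencode({
    "source"      = ["aws.pipes"]
    "detail-type" = ["AWS API Call via CloudTrail"]
    "detail" = {
      "eventSource" = ["pipes.amazonaws.com"]
      "eventName"   = ["StopPipe"]
    }
  })
}

resource "aws_cloudwatch_event_target" "pipe_stop_example" {
  rule = aws_cloudwatch_event_rule.pipe_stop_example.name
  arn  = aws_sns_topic.pipe_stop_example.arn
}

# Least privilege: only EventBridge, and only on behalf of this rule, may publish.
resource "aws_sns_topic_policy" "pipe_stop_example" {
  arn = aws_sns_topic.pipe_stop_example.arn
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect    = "Allow"
      Principal = { Service = "events.amazonaws.com" }
      Action    = "sns:Publish"
      Resource  = aws_sns_topic.pipe_stop_example.arn
      Condition = { ArnEquals = { "aws:SourceArn" = aws_cloudwatch_event_rule.pipe_stop_example.arn } }
    }]
  })
}

# Alarm on a metric EventBridge actually emits each time the rule matches.
resource "aws_cloudwatch_metric_alarm" "pipe_stop_example" {
  alarm_name          = "pipe-stop-example"
  namespace           = "AWS/Events"
  metric_name         = "TriggeredRules"
  dimensions          = { RuleName = aws_cloudwatch_event_rule.pipe_stop_example.name }
  statistic           = "Sum"
  period              = 60
  evaluation_periods  = 1
  comparison_operator = "GreaterThanOrEqualToThreshold"
  threshold           = 1
  treat_missing_data  = "notBreaching" # no datapoints are emitted while the rule is idle
}
```

The rule target already delivers the notification; if the alarm should also publish to the topic through `alarm_actions`, the topic policy additionally needs the `cloudwatch.amazonaws.com` statement shown in the answer.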