Ends in
00
days
00
hrs
00
mins
00
secs
ENROLL NOW

🎁 Get 20% Off - Christmas Big Sale on All Practice Exams, Video Courses, and eBooks!

Setting Up AWS EventBridge for Cross-Region IAM Event Notifications

AWS EventBridge is a serverless event bus service that simplifies event-driven architectures. In this guide, we’ll explore how to leverage EventBridge with a cross-region event bus to overcome the regional limitations associated with IAM (Identity and Access Management) events. This setup will enable you to capture and respond to IAM events seamlessly across AWS regions.

Use Case: Cross-Region IAM Event Notifications with AWS EventBridge

AWS CloudWatch Events are powerful, but they are region-specific, posing challenges when attempting to capture IAM events. It’s essential to note that IAM is a global service, and the IAM events are only available in the us-east-1 region. By using AWS EventBridge with a cross-region event bus, we can create a scalable and efficient solution for cross-region IAM event notifications.

Challenge:

  • CloudWatch Events are limited to the region in which they are created.

  • IAM events are only available in the us-east-1 region, posing challenges for cross-region event management.

Solution:

Tutorials dojo strip
  • Utilize AWS EventBridge with a cross-region event bus for seamless IAM event notifications across regions.

Prerequisites

  1. AWS Account: Ensure you have an AWS account and the necessary permissions to set up EventBridge, Lambda functions, and SNS topics.

  2. Lambda Function: Create a Lambda function that will be triggered by EventBridge and will be responsible for sending SNS email notifications.

  3. SNS Topic: Set up an SNS topic that will be used to send email notifications.

  4. CloudTrail: The CloudTrail must be enabled in us-east-1 region.

Step 1: Create a Lambda Function

Create a Lambda function at any region that you want. For this example, the Lambda function is deployed in ap-southeast-1. This Lambda will invoke an SNS topic at the same region to notify through email.

Setting Up AWS EventBridge for Cross-Region IAM Event Notifications

NOTE: You can refer to this page to use the same Lambda code used in this article.

Step 2: Create an SNS Topic

Create an SNS Topic at the same region where the Lambda function is deployed. You must also create an email subscription and confirm the email address endpoint that will receive the notification:

Setting Up AWS EventBridge for Cross-Region IAM Event Notifications

Step 3: Set Up EventBridge Rule in N. Virginia

Setting Up AWS EventBridge for Cross-Region IAM Event Notifications

For the event pattern, make sure that it is for the intended event only. In this case, we are only triggering the rule when there is an API call for the CreateUser IAM event.

Setting Up AWS EventBridge for Cross-Region IAM Event Notifications

Select Event bus in a different account or Region on the target page. Paste the ARN of the event bus. In this solution, we are using the default event bus of the ap-southeast-1 region.

Setting Up AWS EventBridge for Cross-Region IAM Event Notifications

Step 4: Set up the EventBridge rule invoking the Lambda

Create an event rule to the same region as your Lambda or, in this case, ap-southeast-1.

Setting Up AWS EventBridge for Cross-Region IAM Event Notifications

On the target page, select the Lambda created from step 1.

Setting Up AWS EventBridge for Cross-Region IAM Event Notifications

Step 5: Test the Setup

Create a test IAM user and confirm if an email about the event is received.

Setting Up AWS EventBridge for Cross-Region IAM Event Notifications

Setting Up AWS EventBridge for Cross-Region IAM Event Notifications

Conclusion

By utilizing AWS EventBridge with a cross-region event bus, you’ve successfully established a scalable solution for cross-region IAM event notifications. This approach allows you to capture and respond to IAM events seamlessly across different AWS regions, providing flexibility and centralized management.

References:

Get 20% Off – Christmas Big Sale on All Practice Exams, Video Courses, and eBooks!

Tutorials Dojo portal

Learn AWS with our PlayCloud Hands-On Labs

Tutorials Dojo Exam Study Guide eBooks

tutorials dojo study guide eBook

FREE AWS Exam Readiness Digital Courses

FREE AWS, Azure, GCP Practice Test Samplers

Subscribe to our YouTube Channel

Tutorials Dojo YouTube Channel

Follow Us On Linkedin

Recent Posts

Written by: Bill Junidez Liad

Bill works as a Cloud and DevOps Engineer and is situated in the Philippines. He is actively engaged in furthering his knowledge of the cloud and has significant experience with Web Application Development and Amazon Web Services (AWS). He presently has three AWS Associate certifications. He enjoys biking outside of tech.

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, YouTube, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!

View Our AWS, Azure, and GCP Exam Reviewers Check out our FREE courses

Our Community

~98%
passing rate
Around 95-98% of our students pass the AWS Certification exams after training with our courses.
200k+
students
Over 200k enrollees choose Tutorials Dojo in preparing for their AWS Certification exams.
~4.8
ratings
Our courses are highly rated by our enrollees from all over the world.

What our students say about us?