aws logo
AWS Classic v5.33.0, Mar 24 23

aws.cloudwatch.EventTarget

Provides an EventBridge Target resource.

Note: EventBridge was formerly known as CloudWatch Events. The functionality is identical.

Example Usage

Kinesis Usage

using System.Collections.Generic;
using System.Text.Json;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var console = new Aws.CloudWatch.EventRule("console", new()
    {
        Description = "Capture all EC2 scaling events",
        EventPattern = JsonSerializer.Serialize(new Dictionary<string, object?>
        {
            ["source"] = new[]
            {
                "aws.autoscaling",
            },
            ["detail-type"] = new[]
            {
                "EC2 Instance Launch Successful",
                "EC2 Instance Terminate Successful",
                "EC2 Instance Launch Unsuccessful",
                "EC2 Instance Terminate Unsuccessful",
            },
        }),
    });

    var testStream = new Aws.Kinesis.Stream("testStream", new()
    {
        ShardCount = 1,
    });

    var yada = new Aws.CloudWatch.EventTarget("yada", new()
    {
        Rule = console.Name,
        Arn = testStream.Arn,
        RunCommandTargets = new[]
        {
            new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs
            {
                Key = "tag:Name",
                Values = new[]
                {
                    "FooBar",
                },
            },
            new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs
            {
                Key = "InstanceIds",
                Values = new[]
                {
                    "i-162058cd308bffec2",
                },
            },
        },
    });

});
package main

import (
	"encoding/json"

	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudwatch"
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/kinesis"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"source": []string{
				"aws.autoscaling",
			},
			"detail-type": []string{
				"EC2 Instance Launch Successful",
				"EC2 Instance Terminate Successful",
				"EC2 Instance Launch Unsuccessful",
				"EC2 Instance Terminate Unsuccessful",
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		console, err := cloudwatch.NewEventRule(ctx, "console", &cloudwatch.EventRuleArgs{
			Description:  pulumi.String("Capture all EC2 scaling events"),
			EventPattern: pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		testStream, err := kinesis.NewStream(ctx, "testStream", &kinesis.StreamArgs{
			ShardCount: pulumi.Int(1),
		})
		if err != nil {
			return err
		}
		_, err = cloudwatch.NewEventTarget(ctx, "yada", &cloudwatch.EventTargetArgs{
			Rule: console.Name,
			Arn:  testStream.Arn,
			RunCommandTargets: cloudwatch.EventTargetRunCommandTargetArray{
				&cloudwatch.EventTargetRunCommandTargetArgs{
					Key: pulumi.String("tag:Name"),
					Values: pulumi.StringArray{
						pulumi.String("FooBar"),
					},
				},
				&cloudwatch.EventTargetRunCommandTargetArgs{
					Key: pulumi.String("InstanceIds"),
					Values: pulumi.StringArray{
						pulumi.String("i-162058cd308bffec2"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudwatch.EventRule;
import com.pulumi.aws.cloudwatch.EventRuleArgs;
import com.pulumi.aws.kinesis.Stream;
import com.pulumi.aws.kinesis.StreamArgs;
import com.pulumi.aws.cloudwatch.EventTarget;
import com.pulumi.aws.cloudwatch.EventTargetArgs;
import com.pulumi.aws.cloudwatch.inputs.EventTargetRunCommandTargetArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var console = new EventRule("console", EventRuleArgs.builder()        
            .description("Capture all EC2 scaling events")
            .eventPattern(serializeJson(
                jsonObject(
                    jsonProperty("source", jsonArray("aws.autoscaling")),
                    jsonProperty("detail-type", jsonArray(
                        "EC2 Instance Launch Successful", 
                        "EC2 Instance Terminate Successful", 
                        "EC2 Instance Launch Unsuccessful", 
                        "EC2 Instance Terminate Unsuccessful"
                    ))
                )))
            .build());

        var testStream = new Stream("testStream", StreamArgs.builder()        
            .shardCount(1)
            .build());

        var yada = new EventTarget("yada", EventTargetArgs.builder()        
            .rule(console.name())
            .arn(testStream.arn())
            .runCommandTargets(            
                EventTargetRunCommandTargetArgs.builder()
                    .key("tag:Name")
                    .values("FooBar")
                    .build(),
                EventTargetRunCommandTargetArgs.builder()
                    .key("InstanceIds")
                    .values("i-162058cd308bffec2")
                    .build())
            .build());

    }
}
import pulumi
import json
import pulumi_aws as aws

console = aws.cloudwatch.EventRule("console",
    description="Capture all EC2 scaling events",
    event_pattern=json.dumps({
        "source": ["aws.autoscaling"],
        "detail-type": [
            "EC2 Instance Launch Successful",
            "EC2 Instance Terminate Successful",
            "EC2 Instance Launch Unsuccessful",
            "EC2 Instance Terminate Unsuccessful",
        ],
    }))
test_stream = aws.kinesis.Stream("testStream", shard_count=1)
yada = aws.cloudwatch.EventTarget("yada",
    rule=console.name,
    arn=test_stream.arn,
    run_command_targets=[
        aws.cloudwatch.EventTargetRunCommandTargetArgs(
            key="tag:Name",
            values=["FooBar"],
        ),
        aws.cloudwatch.EventTargetRunCommandTargetArgs(
            key="InstanceIds",
            values=["i-162058cd308bffec2"],
        ),
    ])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const console = new aws.cloudwatch.EventRule("console", {
    description: "Capture all EC2 scaling events",
    eventPattern: JSON.stringify({
        source: ["aws.autoscaling"],
        "detail-type": [
            "EC2 Instance Launch Successful",
            "EC2 Instance Terminate Successful",
            "EC2 Instance Launch Unsuccessful",
            "EC2 Instance Terminate Unsuccessful",
        ],
    }),
});
const testStream = new aws.kinesis.Stream("testStream", {shardCount: 1});
const yada = new aws.cloudwatch.EventTarget("yada", {
    rule: console.name,
    arn: testStream.arn,
    runCommandTargets: [
        {
            key: "tag:Name",
            values: ["FooBar"],
        },
        {
            key: "InstanceIds",
            values: ["i-162058cd308bffec2"],
        },
    ],
});
resources:
  yada:
    type: aws:cloudwatch:EventTarget
    properties:
      rule: ${console.name}
      arn: ${testStream.arn}
      runCommandTargets:
        - key: tag:Name
          values:
            - FooBar
        - key: InstanceIds
          values:
            - i-162058cd308bffec2
  console:
    type: aws:cloudwatch:EventRule
    properties:
      description: Capture all EC2 scaling events
      eventPattern:
        fn::toJSON:
          source:
            - aws.autoscaling
          detail-type:
            - EC2 Instance Launch Successful
            - EC2 Instance Terminate Successful
            - EC2 Instance Launch Unsuccessful
            - EC2 Instance Terminate Unsuccessful
  testStream:
    type: aws:kinesis:Stream
    properties:
      shardCount: 1

SSM Document Usage

using System.Collections.Generic;
using System.Text.Json;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var ssmLifecycleTrust = Aws.Iam.GetPolicyDocument.Invoke(new()
    {
        Statements = new[]
        {
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Actions = new[]
                {
                    "sts:AssumeRole",
                },
                Principals = new[]
                {
                    new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
                    {
                        Type = "Service",
                        Identifiers = new[]
                        {
                            "events.amazonaws.com",
                        },
                    },
                },
            },
        },
    });

    var stopInstance = new Aws.Ssm.Document("stopInstance", new()
    {
        DocumentType = "Command",
        Content = JsonSerializer.Serialize(new Dictionary<string, object?>
        {
            ["schemaVersion"] = "1.2",
            ["description"] = "Stop an instance",
            ["parameters"] = new Dictionary<string, object?>
            {
            },
            ["runtimeConfig"] = new Dictionary<string, object?>
            {
                ["aws:runShellScript"] = new Dictionary<string, object?>
                {
                    ["properties"] = new[]
                    {
                        new Dictionary<string, object?>
                        {
                            ["id"] = "0.aws:runShellScript",
                            ["runCommand"] = new[]
                            {
                                "halt",
                            },
                        },
                    },
                },
            },
        }),
    });

    var ssmLifecyclePolicyDocument = Aws.Iam.GetPolicyDocument.Invoke(new()
    {
        Statements = new[]
        {
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Effect = "Allow",
                Actions = new[]
                {
                    "ssm:SendCommand",
                },
                Resources = new[]
                {
                    "arn:aws:ec2:eu-west-1:1234567890:instance/*",
                },
                Conditions = new[]
                {
                    new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs
                    {
                        Test = "StringEquals",
                        Variable = "ec2:ResourceTag/Terminate",
                        Values = new[]
                        {
                            "*",
                        },
                    },
                },
            },
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Effect = "Allow",
                Actions = new[]
                {
                    "ssm:SendCommand",
                },
                Resources = new[]
                {
                    stopInstance.Arn,
                },
            },
        },
    });

    var ssmLifecycleRole = new Aws.Iam.Role("ssmLifecycleRole", new()
    {
        AssumeRolePolicy = ssmLifecycleTrust.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
    });

    var ssmLifecyclePolicy = new Aws.Iam.Policy("ssmLifecyclePolicy", new()
    {
        PolicyDocument = ssmLifecyclePolicyDocument.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
    });

    var ssmLifecycleRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment("ssmLifecycleRolePolicyAttachment", new()
    {
        PolicyArn = ssmLifecyclePolicy.Arn,
        Role = ssmLifecycleRole.Name,
    });

    var stopInstancesEventRule = new Aws.CloudWatch.EventRule("stopInstancesEventRule", new()
    {
        Description = "Stop instances nightly",
        ScheduleExpression = "cron(0 0 * * ? *)",
    });

    var stopInstancesEventTarget = new Aws.CloudWatch.EventTarget("stopInstancesEventTarget", new()
    {
        Arn = stopInstance.Arn,
        Rule = stopInstancesEventRule.Name,
        RoleArn = ssmLifecycleRole.Arn,
        RunCommandTargets = new[]
        {
            new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs
            {
                Key = "tag:Terminate",
                Values = new[]
                {
                    "midnight",
                },
            },
        },
    });

});
package main

import (
	"encoding/json"

	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudwatch"
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/ssm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		ssmLifecycleTrust, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Actions: []string{
						"sts:AssumeRole",
					},
					Principals: []iam.GetPolicyDocumentStatementPrincipal{
						{
							Type: "Service",
							Identifiers: []string{
								"events.amazonaws.com",
							},
						},
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"schemaVersion": "1.2",
			"description":   "Stop an instance",
			"parameters":    nil,
			"runtimeConfig": map[string]interface{}{
				"aws:runShellScript": map[string]interface{}{
					"properties": []map[string]interface{}{
						map[string]interface{}{
							"id": "0.aws:runShellScript",
							"runCommand": []string{
								"halt",
							},
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		stopInstance, err := ssm.NewDocument(ctx, "stopInstance", &ssm.DocumentArgs{
			DocumentType: pulumi.String("Command"),
			Content:      pulumi.String(json0),
		})
		if err != nil {
			return err
		}
		ssmLifecyclePolicyDocument := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{
			Statements: iam.GetPolicyDocumentStatementArray{
				&iam.GetPolicyDocumentStatementArgs{
					Effect: pulumi.String("Allow"),
					Actions: pulumi.StringArray{
						pulumi.String("ssm:SendCommand"),
					},
					Resources: pulumi.StringArray{
						pulumi.String("arn:aws:ec2:eu-west-1:1234567890:instance/*"),
					},
					Conditions: iam.GetPolicyDocumentStatementConditionArray{
						&iam.GetPolicyDocumentStatementConditionArgs{
							Test:     pulumi.String("StringEquals"),
							Variable: pulumi.String("ec2:ResourceTag/Terminate"),
							Values: pulumi.StringArray{
								pulumi.String("*"),
							},
						},
					},
				},
				&iam.GetPolicyDocumentStatementArgs{
					Effect: pulumi.String("Allow"),
					Actions: pulumi.StringArray{
						pulumi.String("ssm:SendCommand"),
					},
					Resources: pulumi.StringArray{
						stopInstance.Arn,
					},
				},
			},
		}, nil)
		ssmLifecycleRole, err := iam.NewRole(ctx, "ssmLifecycleRole", &iam.RoleArgs{
			AssumeRolePolicy: *pulumi.String(ssmLifecycleTrust.Json),
		})
		if err != nil {
			return err
		}
		ssmLifecyclePolicy, err := iam.NewPolicy(ctx, "ssmLifecyclePolicy", &iam.PolicyArgs{
			Policy: ssmLifecyclePolicyDocument.ApplyT(func(ssmLifecyclePolicyDocument iam.GetPolicyDocumentResult) (*string, error) {
				return &ssmLifecyclePolicyDocument.Json, nil
			}).(pulumi.StringPtrOutput),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewRolePolicyAttachment(ctx, "ssmLifecycleRolePolicyAttachment", &iam.RolePolicyAttachmentArgs{
			PolicyArn: ssmLifecyclePolicy.Arn,
			Role:      ssmLifecycleRole.Name,
		})
		if err != nil {
			return err
		}
		stopInstancesEventRule, err := cloudwatch.NewEventRule(ctx, "stopInstancesEventRule", &cloudwatch.EventRuleArgs{
			Description:        pulumi.String("Stop instances nightly"),
			ScheduleExpression: pulumi.String("cron(0 0 * * ? *)"),
		})
		if err != nil {
			return err
		}
		_, err = cloudwatch.NewEventTarget(ctx, "stopInstancesEventTarget", &cloudwatch.EventTargetArgs{
			Arn:     stopInstance.Arn,
			Rule:    stopInstancesEventRule.Name,
			RoleArn: ssmLifecycleRole.Arn,
			RunCommandTargets: cloudwatch.EventTargetRunCommandTargetArray{
				&cloudwatch.EventTargetRunCommandTargetArgs{
					Key: pulumi.String("tag:Terminate"),
					Values: pulumi.StringArray{
						pulumi.String("midnight"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.ssm.Document;
import com.pulumi.aws.ssm.DocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.iam.Policy;
import com.pulumi.aws.iam.PolicyArgs;
import com.pulumi.aws.iam.RolePolicyAttachment;
import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
import com.pulumi.aws.cloudwatch.EventRule;
import com.pulumi.aws.cloudwatch.EventRuleArgs;
import com.pulumi.aws.cloudwatch.EventTarget;
import com.pulumi.aws.cloudwatch.EventTargetArgs;
import com.pulumi.aws.cloudwatch.inputs.EventTargetRunCommandTargetArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var ssmLifecycleTrust = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .actions("sts:AssumeRole")
                .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                    .type("Service")
                    .identifiers("events.amazonaws.com")
                    .build())
                .build())
            .build());

        var stopInstance = new Document("stopInstance", DocumentArgs.builder()        
            .documentType("Command")
            .content(serializeJson(
                jsonObject(
                    jsonProperty("schemaVersion", "1.2"),
                    jsonProperty("description", "Stop an instance"),
                    jsonProperty("parameters", jsonObject(

                    )),
                    jsonProperty("runtimeConfig", jsonObject(
                        jsonProperty("aws:runShellScript", jsonObject(
                            jsonProperty("properties", jsonArray(jsonObject(
                                jsonProperty("id", "0.aws:runShellScript"),
                                jsonProperty("runCommand", jsonArray("halt"))
                            )))
                        ))
                    ))
                )))
            .build());

        final var ssmLifecyclePolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(            
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions("ssm:SendCommand")
                    .resources("arn:aws:ec2:eu-west-1:1234567890:instance/*")
                    .conditions(GetPolicyDocumentStatementConditionArgs.builder()
                        .test("StringEquals")
                        .variable("ec2:ResourceTag/Terminate")
                        .values("*")
                        .build())
                    .build(),
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions("ssm:SendCommand")
                    .resources(stopInstance.arn())
                    .build())
            .build());

        var ssmLifecycleRole = new Role("ssmLifecycleRole", RoleArgs.builder()        
            .assumeRolePolicy(ssmLifecycleTrust.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .build());

        var ssmLifecyclePolicy = new Policy("ssmLifecyclePolicy", PolicyArgs.builder()        
            .policy(ssmLifecyclePolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult).applyValue(ssmLifecyclePolicyDocument -> ssmLifecyclePolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())))
            .build());

        var ssmLifecycleRolePolicyAttachment = new RolePolicyAttachment("ssmLifecycleRolePolicyAttachment", RolePolicyAttachmentArgs.builder()        
            .policyArn(ssmLifecyclePolicy.arn())
            .role(ssmLifecycleRole.name())
            .build());

        var stopInstancesEventRule = new EventRule("stopInstancesEventRule", EventRuleArgs.builder()        
            .description("Stop instances nightly")
            .scheduleExpression("cron(0 0 * * ? *)")
            .build());

        var stopInstancesEventTarget = new EventTarget("stopInstancesEventTarget", EventTargetArgs.builder()        
            .arn(stopInstance.arn())
            .rule(stopInstancesEventRule.name())
            .roleArn(ssmLifecycleRole.arn())
            .runCommandTargets(EventTargetRunCommandTargetArgs.builder()
                .key("tag:Terminate")
                .values("midnight")
                .build())
            .build());

    }
}
import pulumi
import json
import pulumi_aws as aws

ssm_lifecycle_trust = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(
    actions=["sts:AssumeRole"],
    principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(
        type="Service",
        identifiers=["events.amazonaws.com"],
    )],
)])
stop_instance = aws.ssm.Document("stopInstance",
    document_type="Command",
    content=json.dumps({
        "schemaVersion": "1.2",
        "description": "Stop an instance",
        "parameters": {},
        "runtimeConfig": {
            "aws:runShellScript": {
                "properties": [{
                    "id": "0.aws:runShellScript",
                    "runCommand": ["halt"],
                }],
            },
        },
    }))
ssm_lifecycle_policy_document = aws.iam.get_policy_document_output(statements=[
    aws.iam.GetPolicyDocumentStatementArgs(
        effect="Allow",
        actions=["ssm:SendCommand"],
        resources=["arn:aws:ec2:eu-west-1:1234567890:instance/*"],
        conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(
            test="StringEquals",
            variable="ec2:ResourceTag/Terminate",
            values=["*"],
        )],
    ),
    aws.iam.GetPolicyDocumentStatementArgs(
        effect="Allow",
        actions=["ssm:SendCommand"],
        resources=[stop_instance.arn],
    ),
])
ssm_lifecycle_role = aws.iam.Role("ssmLifecycleRole", assume_role_policy=ssm_lifecycle_trust.json)
ssm_lifecycle_policy = aws.iam.Policy("ssmLifecyclePolicy", policy=ssm_lifecycle_policy_document.json)
ssm_lifecycle_role_policy_attachment = aws.iam.RolePolicyAttachment("ssmLifecycleRolePolicyAttachment",
    policy_arn=ssm_lifecycle_policy.arn,
    role=ssm_lifecycle_role.name)
stop_instances_event_rule = aws.cloudwatch.EventRule("stopInstancesEventRule",
    description="Stop instances nightly",
    schedule_expression="cron(0 0 * * ? *)")
stop_instances_event_target = aws.cloudwatch.EventTarget("stopInstancesEventTarget",
    arn=stop_instance.arn,
    rule=stop_instances_event_rule.name,
    role_arn=ssm_lifecycle_role.arn,
    run_command_targets=[aws.cloudwatch.EventTargetRunCommandTargetArgs(
        key="tag:Terminate",
        values=["midnight"],
    )])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const ssmLifecycleTrust = aws.iam.getPolicyDocument({
    statements: [{
        actions: ["sts:AssumeRole"],
        principals: [{
            type: "Service",
            identifiers: ["events.amazonaws.com"],
        }],
    }],
});
const stopInstance = new aws.ssm.Document("stopInstance", {
    documentType: "Command",
    content: JSON.stringify({
        schemaVersion: "1.2",
        description: "Stop an instance",
        parameters: {},
        runtimeConfig: {
            "aws:runShellScript": {
                properties: [{
                    id: "0.aws:runShellScript",
                    runCommand: ["halt"],
                }],
            },
        },
    }),
});
const ssmLifecyclePolicyDocument = aws.iam.getPolicyDocumentOutput({
    statements: [
        {
            effect: "Allow",
            actions: ["ssm:SendCommand"],
            resources: ["arn:aws:ec2:eu-west-1:1234567890:instance/*"],
            conditions: [{
                test: "StringEquals",
                variable: "ec2:ResourceTag/Terminate",
                values: ["*"],
            }],
        },
        {
            effect: "Allow",
            actions: ["ssm:SendCommand"],
            resources: [stopInstance.arn],
        },
    ],
});
const ssmLifecycleRole = new aws.iam.Role("ssmLifecycleRole", {assumeRolePolicy: ssmLifecycleTrust.then(ssmLifecycleTrust => ssmLifecycleTrust.json)});
const ssmLifecyclePolicy = new aws.iam.Policy("ssmLifecyclePolicy", {policy: ssmLifecyclePolicyDocument.apply(ssmLifecyclePolicyDocument => ssmLifecyclePolicyDocument.json)});
const ssmLifecycleRolePolicyAttachment = new aws.iam.RolePolicyAttachment("ssmLifecycleRolePolicyAttachment", {
    policyArn: ssmLifecyclePolicy.arn,
    role: ssmLifecycleRole.name,
});
const stopInstancesEventRule = new aws.cloudwatch.EventRule("stopInstancesEventRule", {
    description: "Stop instances nightly",
    scheduleExpression: "cron(0 0 * * ? *)",
});
const stopInstancesEventTarget = new aws.cloudwatch.EventTarget("stopInstancesEventTarget", {
    arn: stopInstance.arn,
    rule: stopInstancesEventRule.name,
    roleArn: ssmLifecycleRole.arn,
    runCommandTargets: [{
        key: "tag:Terminate",
        values: ["midnight"],
    }],
});
resources:
  ssmLifecycleRole:
    type: aws:iam:Role
    properties:
      assumeRolePolicy: ${ssmLifecycleTrust.json}
  ssmLifecyclePolicy:
    type: aws:iam:Policy
    properties:
      policy: ${ssmLifecyclePolicyDocument.json}
  ssmLifecycleRolePolicyAttachment:
    type: aws:iam:RolePolicyAttachment
    properties:
      policyArn: ${ssmLifecyclePolicy.arn}
      role: ${ssmLifecycleRole.name}
  stopInstance:
    type: aws:ssm:Document
    properties:
      documentType: Command
      content:
        fn::toJSON:
          schemaVersion: '1.2'
          description: Stop an instance
          parameters: {}
          runtimeConfig:
            aws:runShellScript:
              properties:
                - id: 0.aws:runShellScript
                  runCommand:
                    - halt
  stopInstancesEventRule:
    type: aws:cloudwatch:EventRule
    properties:
      description: Stop instances nightly
      scheduleExpression: cron(0 0 * * ? *)
  stopInstancesEventTarget:
    type: aws:cloudwatch:EventTarget
    properties:
      arn: ${stopInstance.arn}
      rule: ${stopInstancesEventRule.name}
      roleArn: ${ssmLifecycleRole.arn}
      runCommandTargets:
        - key: tag:Terminate
          values:
            - midnight
variables:
  ssmLifecycleTrust:
    fn::invoke:
      Function: aws:iam:getPolicyDocument
      Arguments:
        statements:
          - actions:
              - sts:AssumeRole
            principals:
              - type: Service
                identifiers:
                  - events.amazonaws.com
  ssmLifecyclePolicyDocument:
    fn::invoke:
      Function: aws:iam:getPolicyDocument
      Arguments:
        statements:
          - effect: Allow
            actions:
              - ssm:SendCommand
            resources:
              - arn:aws:ec2:eu-west-1:1234567890:instance/*
            conditions:
              - test: StringEquals
                variable: ec2:ResourceTag/Terminate
                values:
                  - '*'
          - effect: Allow
            actions:
              - ssm:SendCommand
            resources:
              - ${stopInstance.arn}

RunCommand Usage

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var stopInstancesEventRule = new Aws.CloudWatch.EventRule("stopInstancesEventRule", new()
    {
        Description = "Stop instances nightly",
        ScheduleExpression = "cron(0 0 * * ? *)",
    });

    var stopInstancesEventTarget = new Aws.CloudWatch.EventTarget("stopInstancesEventTarget", new()
    {
        Arn = $"arn:aws:ssm:{@var.Aws_region}::document/AWS-RunShellScript",
        Input = "{\"commands\":[\"halt\"]}",
        Rule = stopInstancesEventRule.Name,
        RoleArn = aws_iam_role.Ssm_lifecycle.Arn,
        RunCommandTargets = new[]
        {
            new Aws.CloudWatch.Inputs.EventTargetRunCommandTargetArgs
            {
                Key = "tag:Terminate",
                Values = new[]
                {
                    "midnight",
                },
            },
        },
    });

});
package main

import (
	"fmt"

	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudwatch"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		stopInstancesEventRule, err := cloudwatch.NewEventRule(ctx, "stopInstancesEventRule", &cloudwatch.EventRuleArgs{
			Description:        pulumi.String("Stop instances nightly"),
			ScheduleExpression: pulumi.String("cron(0 0 * * ? *)"),
		})
		if err != nil {
			return err
		}
		_, err = cloudwatch.NewEventTarget(ctx, "stopInstancesEventTarget", &cloudwatch.EventTargetArgs{
			Arn:     pulumi.String(fmt.Sprintf("arn:aws:ssm:%v::document/AWS-RunShellScript", _var.Aws_region)),
			Input:   pulumi.String("{\"commands\":[\"halt\"]}"),
			Rule:    stopInstancesEventRule.Name,
			RoleArn: pulumi.Any(aws_iam_role.Ssm_lifecycle.Arn),
			RunCommandTargets: cloudwatch.EventTargetRunCommandTargetArray{
				&cloudwatch.EventTargetRunCommandTargetArgs{
					Key: pulumi.String("tag:Terminate"),
					Values: pulumi.StringArray{
						pulumi.String("midnight"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudwatch.EventRule;
import com.pulumi.aws.cloudwatch.EventRuleArgs;
import com.pulumi.aws.cloudwatch.EventTarget;
import com.pulumi.aws.cloudwatch.EventTargetArgs;
import com.pulumi.aws.cloudwatch.inputs.EventTargetRunCommandTargetArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var stopInstancesEventRule = new EventRule("stopInstancesEventRule", EventRuleArgs.builder()        
            .description("Stop instances nightly")
            .scheduleExpression("cron(0 0 * * ? *)")
            .build());

        var stopInstancesEventTarget = new EventTarget("stopInstancesEventTarget", EventTargetArgs.builder()        
            .arn(String.format("arn:aws:ssm:%s::document/AWS-RunShellScript", var_.aws_region()))
            .input("{\"commands\":[\"halt\"]}")
            .rule(stopInstancesEventRule.name())
            .roleArn(aws_iam_role.ssm_lifecycle().arn())
            .runCommandTargets(EventTargetRunCommandTargetArgs.builder()
                .key("tag:Terminate")
                .values("midnight")
                .build())
            .build());

    }
}
import pulumi
import pulumi_aws as aws

stop_instances_event_rule = aws.cloudwatch.EventRule("stopInstancesEventRule",
    description="Stop instances nightly",
    schedule_expression="cron(0 0 * * ? *)")
stop_instances_event_target = aws.cloudwatch.EventTarget("stopInstancesEventTarget",
    arn=f"arn:aws:ssm:{var['aws_region']}::document/AWS-RunShellScript",
    input="{\"commands\":[\"halt\"]}",
    rule=stop_instances_event_rule.name,
    role_arn=aws_iam_role["ssm_lifecycle"]["arn"],
    run_command_targets=[aws.cloudwatch.EventTargetRunCommandTargetArgs(
        key="tag:Terminate",
        values=["midnight"],
    )])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const stopInstancesEventRule = new aws.cloudwatch.EventRule("stopInstancesEventRule", {
    description: "Stop instances nightly",
    scheduleExpression: "cron(0 0 * * ? *)",
});
const stopInstancesEventTarget = new aws.cloudwatch.EventTarget("stopInstancesEventTarget", {
    arn: `arn:aws:ssm:${_var.aws_region}::document/AWS-RunShellScript`,
    input: "{\"commands\":[\"halt\"]}",
    rule: stopInstancesEventRule.name,
    roleArn: aws_iam_role.ssm_lifecycle.arn,
    runCommandTargets: [{
        key: "tag:Terminate",
        values: ["midnight"],
    }],
});
resources:
  stopInstancesEventRule:
    type: aws:cloudwatch:EventRule
    properties:
      description: Stop instances nightly
      scheduleExpression: cron(0 0 * * ? *)
  stopInstancesEventTarget:
    type: aws:cloudwatch:EventTarget
    properties:
      arn: arn:aws:ssm:${var.aws_region}::document/AWS-RunShellScript
      input: '{"commands":["halt"]}'
      rule: ${stopInstancesEventRule.name}
      roleArn: ${aws_iam_role.ssm_lifecycle.arn}
      runCommandTargets:
        - key: tag:Terminate
          values:
            - midnight

API Gateway target

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var exampleEventRule = new Aws.CloudWatch.EventRule("exampleEventRule");

    // ...
    var exampleDeployment = new Aws.ApiGateway.Deployment("exampleDeployment", new()
    {
        RestApi = aws_api_gateway_rest_api.Example.Id,
    });

    // ...
    var exampleStage = new Aws.ApiGateway.Stage("exampleStage", new()
    {
        RestApi = aws_api_gateway_rest_api.Example.Id,
        Deployment = exampleDeployment.Id,
    });

    // ...
    var exampleEventTarget = new Aws.CloudWatch.EventTarget("exampleEventTarget", new()
    {
        Arn = exampleStage.ExecutionArn.Apply(executionArn => $"{executionArn}/GET"),
        Rule = exampleEventRule.Id,
        HttpTarget = new Aws.CloudWatch.Inputs.EventTargetHttpTargetArgs
        {
            QueryStringParameters = 
            {
                { "Body", "$.detail.body" },
            },
            HeaderParameters = 
            {
                { "Env", "Test" },
            },
        },
    });

});
package main

import (
	"fmt"

	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/apigateway"
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudwatch"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleEventRule, err := cloudwatch.NewEventRule(ctx, "exampleEventRule", nil)
		if err != nil {
			return err
		}
		exampleDeployment, err := apigateway.NewDeployment(ctx, "exampleDeployment", &apigateway.DeploymentArgs{
			RestApi: pulumi.Any(aws_api_gateway_rest_api.Example.Id),
		})
		if err != nil {
			return err
		}
		exampleStage, err := apigateway.NewStage(ctx, "exampleStage", &apigateway.StageArgs{
			RestApi:    pulumi.Any(aws_api_gateway_rest_api.Example.Id),
			Deployment: exampleDeployment.ID(),
		})
		if err != nil {
			return err
		}
		_, err = cloudwatch.NewEventTarget(ctx, "exampleEventTarget", &cloudwatch.EventTargetArgs{
			Arn: exampleStage.ExecutionArn.ApplyT(func(executionArn string) (string, error) {
				return fmt.Sprintf("%v/GET", executionArn), nil
			}).(pulumi.StringOutput),
			Rule: exampleEventRule.ID(),
			HttpTarget: &cloudwatch.EventTargetHttpTargetArgs{
				QueryStringParameters: pulumi.StringMap{
					"Body": pulumi.String("$.detail.body"),
				},
				HeaderParameters: pulumi.StringMap{
					"Env": pulumi.String("Test"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudwatch.EventRule;
import com.pulumi.aws.apigateway.Deployment;
import com.pulumi.aws.apigateway.DeploymentArgs;
import com.pulumi.aws.apigateway.Stage;
import com.pulumi.aws.apigateway.StageArgs;
import com.pulumi.aws.cloudwatch.EventTarget;
import com.pulumi.aws.cloudwatch.EventTargetArgs;
import com.pulumi.aws.cloudwatch.inputs.EventTargetHttpTargetArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var exampleEventRule = new EventRule("exampleEventRule");

        var exampleDeployment = new Deployment("exampleDeployment", DeploymentArgs.builder()        
            .restApi(aws_api_gateway_rest_api.example().id())
            .build());

        var exampleStage = new Stage("exampleStage", StageArgs.builder()        
            .restApi(aws_api_gateway_rest_api.example().id())
            .deployment(exampleDeployment.id())
            .build());

        var exampleEventTarget = new EventTarget("exampleEventTarget", EventTargetArgs.builder()        
            .arn(exampleStage.executionArn().applyValue(executionArn -> String.format("%s/GET", executionArn)))
            .rule(exampleEventRule.id())
            .httpTarget(EventTargetHttpTargetArgs.builder()
                .queryStringParameters(Map.of("Body", "$.detail.body"))
                .headerParameters(Map.of("Env", "Test"))
                .build())
            .build());

    }
}
import pulumi
import pulumi_aws as aws

example_event_rule = aws.cloudwatch.EventRule("exampleEventRule")
# ...
example_deployment = aws.apigateway.Deployment("exampleDeployment", rest_api=aws_api_gateway_rest_api["example"]["id"])
# ...
example_stage = aws.apigateway.Stage("exampleStage",
    rest_api=aws_api_gateway_rest_api["example"]["id"],
    deployment=example_deployment.id)
# ...
example_event_target = aws.cloudwatch.EventTarget("exampleEventTarget",
    arn=example_stage.execution_arn.apply(lambda execution_arn: f"{execution_arn}/GET"),
    rule=example_event_rule.id,
    http_target=aws.cloudwatch.EventTargetHttpTargetArgs(
        query_string_parameters={
            "Body": "$.detail.body",
        },
        header_parameters={
            "Env": "Test",
        },
    ))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const exampleEventRule = new aws.cloudwatch.EventRule("exampleEventRule", {});
// ...
const exampleDeployment = new aws.apigateway.Deployment("exampleDeployment", {restApi: aws_api_gateway_rest_api.example.id});
// ...
const exampleStage = new aws.apigateway.Stage("exampleStage", {
    restApi: aws_api_gateway_rest_api.example.id,
    deployment: exampleDeployment.id,
});
// ...
const exampleEventTarget = new aws.cloudwatch.EventTarget("exampleEventTarget", {
    arn: pulumi.interpolate`${exampleStage.executionArn}/GET`,
    rule: exampleEventRule.id,
    httpTarget: {
        queryStringParameters: {
            Body: "$.detail.body",
        },
        headerParameters: {
            Env: "Test",
        },
    },
});
resources:
  exampleEventTarget:
    type: aws:cloudwatch:EventTarget
    properties:
      arn: ${exampleStage.executionArn}/GET
      rule: ${exampleEventRule.id}
      httpTarget:
        queryStringParameters:
          Body: $.detail.body
        headerParameters:
          Env: Test
  exampleEventRule:
    type: aws:cloudwatch:EventRule
  exampleDeployment:
    type: aws:apigateway:Deployment
    properties:
      restApi: ${aws_api_gateway_rest_api.example.id}
  exampleStage:
    type: aws:apigateway:Stage
    properties:
      restApi: ${aws_api_gateway_rest_api.example.id}
      deployment: ${exampleDeployment.id}

Cross-Account Event Bus target

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()
    {
        Statements = new[]
        {
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Effect = "Allow",
                Principals = new[]
                {
                    new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
                    {
                        Type = "Service",
                        Identifiers = new[]
                        {
                            "events.amazonaws.com",
                        },
                    },
                },
                Actions = new[]
                {
                    "sts:AssumeRole",
                },
            },
        },
    });

    var eventBusInvokeRemoteEventBusRole = new Aws.Iam.Role("eventBusInvokeRemoteEventBusRole", new()
    {
        AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
    });

    var eventBusInvokeRemoteEventBusPolicyDocument = Aws.Iam.GetPolicyDocument.Invoke(new()
    {
        Statements = new[]
        {
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Effect = "Allow",
                Actions = new[]
                {
                    "events:PutEvents",
                },
                Resources = new[]
                {
                    "arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus",
                },
            },
        },
    });

    var eventBusInvokeRemoteEventBusPolicy = new Aws.Iam.Policy("eventBusInvokeRemoteEventBusPolicy", new()
    {
        PolicyDocument = eventBusInvokeRemoteEventBusPolicyDocument.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
    });

    var eventBusInvokeRemoteEventBusRolePolicyAttachment = new Aws.Iam.RolePolicyAttachment("eventBusInvokeRemoteEventBusRolePolicyAttachment", new()
    {
        Role = eventBusInvokeRemoteEventBusRole.Name,
        PolicyArn = eventBusInvokeRemoteEventBusPolicy.Arn,
    });

    var stopInstancesEventRule = new Aws.CloudWatch.EventRule("stopInstancesEventRule", new()
    {
        Description = "Stop instances nightly",
        ScheduleExpression = "cron(0 0 * * ? *)",
    });

    var stopInstancesEventTarget = new Aws.CloudWatch.EventTarget("stopInstancesEventTarget", new()
    {
        Arn = "arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus",
        Rule = stopInstancesEventRule.Name,
        RoleArn = eventBusInvokeRemoteEventBusRole.Arn,
    });

});
package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudwatch"
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Effect: pulumi.StringRef("Allow"),
					Principals: []iam.GetPolicyDocumentStatementPrincipal{
						{
							Type: "Service",
							Identifiers: []string{
								"events.amazonaws.com",
							},
						},
					},
					Actions: []string{
						"sts:AssumeRole",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		eventBusInvokeRemoteEventBusRole, err := iam.NewRole(ctx, "eventBusInvokeRemoteEventBusRole", &iam.RoleArgs{
			AssumeRolePolicy: *pulumi.String(assumeRole.Json),
		})
		if err != nil {
			return err
		}
		eventBusInvokeRemoteEventBusPolicyDocument, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
			Statements: []iam.GetPolicyDocumentStatement{
				{
					Effect: pulumi.StringRef("Allow"),
					Actions: []string{
						"events:PutEvents",
					},
					Resources: []string{
						"arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		eventBusInvokeRemoteEventBusPolicy, err := iam.NewPolicy(ctx, "eventBusInvokeRemoteEventBusPolicy", &iam.PolicyArgs{
			Policy: *pulumi.String(eventBusInvokeRemoteEventBusPolicyDocument.Json),
		})
		if err != nil {
			return err
		}
		_, err = iam.NewRolePolicyAttachment(ctx, "eventBusInvokeRemoteEventBusRolePolicyAttachment", &iam.RolePolicyAttachmentArgs{
			Role:      eventBusInvokeRemoteEventBusRole.Name,
			PolicyArn: eventBusInvokeRemoteEventBusPolicy.Arn,
		})
		if err != nil {
			return err
		}
		stopInstancesEventRule, err := cloudwatch.NewEventRule(ctx, "stopInstancesEventRule", &cloudwatch.EventRuleArgs{
			Description:        pulumi.String("Stop instances nightly"),
			ScheduleExpression: pulumi.String("cron(0 0 * * ? *)"),
		})
		if err != nil {
			return err
		}
		_, err = cloudwatch.NewEventTarget(ctx, "stopInstancesEventTarget", &cloudwatch.EventTargetArgs{
			Arn:     pulumi.String("arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus"),
			Rule:    stopInstancesEventRule.Name,
			RoleArn: eventBusInvokeRemoteEventBusRole.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.iam.Role;
import com.pulumi.aws.iam.RoleArgs;
import com.pulumi.aws.iam.Policy;
import com.pulumi.aws.iam.PolicyArgs;
import com.pulumi.aws.iam.RolePolicyAttachment;
import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
import com.pulumi.aws.cloudwatch.EventRule;
import com.pulumi.aws.cloudwatch.EventRuleArgs;
import com.pulumi.aws.cloudwatch.EventTarget;
import com.pulumi.aws.cloudwatch.EventTargetArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .effect("Allow")
                .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                    .type("Service")
                    .identifiers("events.amazonaws.com")
                    .build())
                .actions("sts:AssumeRole")
                .build())
            .build());

        var eventBusInvokeRemoteEventBusRole = new Role("eventBusInvokeRemoteEventBusRole", RoleArgs.builder()        
            .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .build());

        final var eventBusInvokeRemoteEventBusPolicyDocument = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(GetPolicyDocumentStatementArgs.builder()
                .effect("Allow")
                .actions("events:PutEvents")
                .resources("arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus")
                .build())
            .build());

        var eventBusInvokeRemoteEventBusPolicy = new Policy("eventBusInvokeRemoteEventBusPolicy", PolicyArgs.builder()        
            .policy(eventBusInvokeRemoteEventBusPolicyDocument.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
            .build());

        var eventBusInvokeRemoteEventBusRolePolicyAttachment = new RolePolicyAttachment("eventBusInvokeRemoteEventBusRolePolicyAttachment", RolePolicyAttachmentArgs.builder()        
            .role(eventBusInvokeRemoteEventBusRole.name())
            .policyArn(eventBusInvokeRemoteEventBusPolicy.arn())
            .build());

        var stopInstancesEventRule = new EventRule("stopInstancesEventRule", EventRuleArgs.builder()        
            .description("Stop instances nightly")
            .scheduleExpression("cron(0 0 * * ? *)")
            .build());

        var stopInstancesEventTarget = new EventTarget("stopInstancesEventTarget", EventTargetArgs.builder()        
            .arn("arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus")
            .rule(stopInstancesEventRule.name())
            .roleArn(eventBusInvokeRemoteEventBusRole.arn())
            .build());

    }
}
import pulumi
import pulumi_aws as aws

assume_role = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(
    effect="Allow",
    principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(
        type="Service",
        identifiers=["events.amazonaws.com"],
    )],
    actions=["sts:AssumeRole"],
)])
event_bus_invoke_remote_event_bus_role = aws.iam.Role("eventBusInvokeRemoteEventBusRole", assume_role_policy=assume_role.json)
event_bus_invoke_remote_event_bus_policy_document = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(
    effect="Allow",
    actions=["events:PutEvents"],
    resources=["arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus"],
)])
event_bus_invoke_remote_event_bus_policy = aws.iam.Policy("eventBusInvokeRemoteEventBusPolicy", policy=event_bus_invoke_remote_event_bus_policy_document.json)
event_bus_invoke_remote_event_bus_role_policy_attachment = aws.iam.RolePolicyAttachment("eventBusInvokeRemoteEventBusRolePolicyAttachment",
    role=event_bus_invoke_remote_event_bus_role.name,
    policy_arn=event_bus_invoke_remote_event_bus_policy.arn)
stop_instances_event_rule = aws.cloudwatch.EventRule("stopInstancesEventRule",
    description="Stop instances nightly",
    schedule_expression="cron(0 0 * * ? *)")
stop_instances_event_target = aws.cloudwatch.EventTarget("stopInstancesEventTarget",
    arn="arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus",
    rule=stop_instances_event_rule.name,
    role_arn=event_bus_invoke_remote_event_bus_role.arn)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const assumeRole = aws.iam.getPolicyDocument({
    statements: [{
        effect: "Allow",
        principals: [{
            type: "Service",
            identifiers: ["events.amazonaws.com"],
        }],
        actions: ["sts:AssumeRole"],
    }],
});
const eventBusInvokeRemoteEventBusRole = new aws.iam.Role("eventBusInvokeRemoteEventBusRole", {assumeRolePolicy: assumeRole.then(assumeRole => assumeRole.json)});
const eventBusInvokeRemoteEventBusPolicyDocument = aws.iam.getPolicyDocument({
    statements: [{
        effect: "Allow",
        actions: ["events:PutEvents"],
        resources: ["arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus"],
    }],
});
const eventBusInvokeRemoteEventBusPolicy = new aws.iam.Policy("eventBusInvokeRemoteEventBusPolicy", {policy: eventBusInvokeRemoteEventBusPolicyDocument.then(eventBusInvokeRemoteEventBusPolicyDocument => eventBusInvokeRemoteEventBusPolicyDocument.json)});
const eventBusInvokeRemoteEventBusRolePolicyAttachment = new aws.iam.RolePolicyAttachment("eventBusInvokeRemoteEventBusRolePolicyAttachment", {
    role: eventBusInvokeRemoteEventBusRole.name,
    policyArn: eventBusInvokeRemoteEventBusPolicy.arn,
});
const stopInstancesEventRule = new aws.cloudwatch.EventRule("stopInstancesEventRule", {
    description: "Stop instances nightly",
    scheduleExpression: "cron(0 0 * * ? *)",
});
const stopInstancesEventTarget = new aws.cloudwatch.EventTarget("stopInstancesEventTarget", {
    arn: "arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus",
    rule: stopInstancesEventRule.name,
    roleArn: eventBusInvokeRemoteEventBusRole.arn,
});
resources:
  eventBusInvokeRemoteEventBusRole:
    type: aws:iam:Role
    properties:
      assumeRolePolicy: ${assumeRole.json}
  eventBusInvokeRemoteEventBusPolicy:
    type: aws:iam:Policy
    properties:
      policy: ${eventBusInvokeRemoteEventBusPolicyDocument.json}
  eventBusInvokeRemoteEventBusRolePolicyAttachment:
    type: aws:iam:RolePolicyAttachment
    properties:
      role: ${eventBusInvokeRemoteEventBusRole.name}
      policyArn: ${eventBusInvokeRemoteEventBusPolicy.arn}
  stopInstancesEventRule:
    type: aws:cloudwatch:EventRule
    properties:
      description: Stop instances nightly
      scheduleExpression: cron(0 0 * * ? *)
  stopInstancesEventTarget:
    type: aws:cloudwatch:EventTarget
    properties:
      arn: arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus
      rule: ${stopInstancesEventRule.name}
      roleArn: ${eventBusInvokeRemoteEventBusRole.arn}
variables:
  assumeRole:
    fn::invoke:
      Function: aws:iam:getPolicyDocument
      Arguments:
        statements:
          - effect: Allow
            principals:
              - type: Service
                identifiers:
                  - events.amazonaws.com
            actions:
              - sts:AssumeRole
  eventBusInvokeRemoteEventBusPolicyDocument:
    fn::invoke:
      Function: aws:iam:getPolicyDocument
      Arguments:
        statements:
          - effect: Allow
            actions:
              - events:PutEvents
            resources:
              - arn:aws:events:eu-west-1:1234567890:event-bus/My-Event-Bus

Input Transformer Usage - JSON Object

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var exampleEventRule = new Aws.CloudWatch.EventRule("exampleEventRule");

    // ...
    var exampleEventTarget = new Aws.CloudWatch.EventTarget("exampleEventTarget", new()
    {
        Arn = aws_lambda_function.Example.Arn,
        Rule = exampleEventRule.Id,
        InputTransformer = new Aws.CloudWatch.Inputs.EventTargetInputTransformerArgs
        {
            InputPaths = 
            {
                { "instance", "$.detail.instance" },
                { "status", "$.detail.status" },
            },
            InputTemplate = @"{
  ""instance_id"": <instance>,
  ""instance_status"": <status>
}
",
        },
    });

});
package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudwatch"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleEventRule, err := cloudwatch.NewEventRule(ctx, "exampleEventRule", nil)
		if err != nil {
			return err
		}
		_, err = cloudwatch.NewEventTarget(ctx, "exampleEventTarget", &cloudwatch.EventTargetArgs{
			Arn:  pulumi.Any(aws_lambda_function.Example.Arn),
			Rule: exampleEventRule.ID(),
			InputTransformer: &cloudwatch.EventTargetInputTransformerArgs{
				InputPaths: pulumi.StringMap{
					"instance": pulumi.String("$.detail.instance"),
					"status":   pulumi.String("$.detail.status"),
				},
				InputTemplate: pulumi.String("{\n  \"instance_id\": <instance>,\n  \"instance_status\": <status>\n}\n"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudwatch.EventRule;
import com.pulumi.aws.cloudwatch.EventTarget;
import com.pulumi.aws.cloudwatch.EventTargetArgs;
import com.pulumi.aws.cloudwatch.inputs.EventTargetInputTransformerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var exampleEventRule = new EventRule("exampleEventRule");

        var exampleEventTarget = new EventTarget("exampleEventTarget", EventTargetArgs.builder()        
            .arn(aws_lambda_function.example().arn())
            .rule(exampleEventRule.id())
            .inputTransformer(EventTargetInputTransformerArgs.builder()
                .inputPaths(Map.ofEntries(
                    Map.entry("instance", "$.detail.instance"),
                    Map.entry("status", "$.detail.status")
                ))
                .inputTemplate("""
{
  "instance_id": <instance>,
  "instance_status": <status>
}
                """)
                .build())
            .build());

    }
}
import pulumi
import pulumi_aws as aws

example_event_rule = aws.cloudwatch.EventRule("exampleEventRule")
# ...
example_event_target = aws.cloudwatch.EventTarget("exampleEventTarget",
    arn=aws_lambda_function["example"]["arn"],
    rule=example_event_rule.id,
    input_transformer=aws.cloudwatch.EventTargetInputTransformerArgs(
        input_paths={
            "instance": "$.detail.instance",
            "status": "$.detail.status",
        },
        input_template="""{
  "instance_id": <instance>,
  "instance_status": <status>
}
""",
    ))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const exampleEventRule = new aws.cloudwatch.EventRule("exampleEventRule", {});
// ...
const exampleEventTarget = new aws.cloudwatch.EventTarget("exampleEventTarget", {
    arn: aws_lambda_function.example.arn,
    rule: exampleEventRule.id,
    inputTransformer: {
        inputPaths: {
            instance: "$.detail.instance",
            status: "$.detail.status",
        },
        inputTemplate: `{
  "instance_id": <instance>,
  "instance_status": <status>
}
`,
    },
});
resources:
  exampleEventTarget:
    type: aws:cloudwatch:EventTarget
    properties:
      arn: ${aws_lambda_function.example.arn}
      rule: ${exampleEventRule.id}
      inputTransformer:
        inputPaths:
          instance: $.detail.instance
          status: $.detail.status
        inputTemplate: |
          {
            "instance_id": <instance>,
            "instance_status": <status>
          }          
  exampleEventRule:
    type: aws:cloudwatch:EventRule

Input Transformer Usage - Simple String

using System.Collections.Generic;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var exampleEventRule = new Aws.CloudWatch.EventRule("exampleEventRule");

    // ...
    var exampleEventTarget = new Aws.CloudWatch.EventTarget("exampleEventTarget", new()
    {
        Arn = aws_lambda_function.Example.Arn,
        Rule = exampleEventRule.Id,
        InputTransformer = new Aws.CloudWatch.Inputs.EventTargetInputTransformerArgs
        {
            InputPaths = 
            {
                { "instance", "$.detail.instance" },
                { "status", "$.detail.status" },
            },
            InputTemplate = "\"<instance> is in state <status>\"",
        },
    });

});
package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudwatch"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleEventRule, err := cloudwatch.NewEventRule(ctx, "exampleEventRule", nil)
		if err != nil {
			return err
		}
		_, err = cloudwatch.NewEventTarget(ctx, "exampleEventTarget", &cloudwatch.EventTargetArgs{
			Arn:  pulumi.Any(aws_lambda_function.Example.Arn),
			Rule: exampleEventRule.ID(),
			InputTransformer: &cloudwatch.EventTargetInputTransformerArgs{
				InputPaths: pulumi.StringMap{
					"instance": pulumi.String("$.detail.instance"),
					"status":   pulumi.String("$.detail.status"),
				},
				InputTemplate: pulumi.String("\"<instance> is in state <status>\""),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudwatch.EventRule;
import com.pulumi.aws.cloudwatch.EventTarget;
import com.pulumi.aws.cloudwatch.EventTargetArgs;
import com.pulumi.aws.cloudwatch.inputs.EventTargetInputTransformerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var exampleEventRule = new EventRule("exampleEventRule");

        var exampleEventTarget = new EventTarget("exampleEventTarget", EventTargetArgs.builder()        
            .arn(aws_lambda_function.example().arn())
            .rule(exampleEventRule.id())
            .inputTransformer(EventTargetInputTransformerArgs.builder()
                .inputPaths(Map.ofEntries(
                    Map.entry("instance", "$.detail.instance"),
                    Map.entry("status", "$.detail.status")
                ))
                .inputTemplate("\"<instance> is in state <status>\"")
                .build())
            .build());

    }
}
import pulumi
import pulumi_aws as aws

example_event_rule = aws.cloudwatch.EventRule("exampleEventRule")
# ...
example_event_target = aws.cloudwatch.EventTarget("exampleEventTarget",
    arn=aws_lambda_function["example"]["arn"],
    rule=example_event_rule.id,
    input_transformer=aws.cloudwatch.EventTargetInputTransformerArgs(
        input_paths={
            "instance": "$.detail.instance",
            "status": "$.detail.status",
        },
        input_template="\"<instance> is in state <status>\"",
    ))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const exampleEventRule = new aws.cloudwatch.EventRule("exampleEventRule", {});
// ...
const exampleEventTarget = new aws.cloudwatch.EventTarget("exampleEventTarget", {
    arn: aws_lambda_function.example.arn,
    rule: exampleEventRule.id,
    inputTransformer: {
        inputPaths: {
            instance: "$.detail.instance",
            status: "$.detail.status",
        },
        inputTemplate: "\"<instance> is in state <status>\"",
    },
});
resources:
  exampleEventTarget:
    type: aws:cloudwatch:EventTarget
    properties:
      arn: ${aws_lambda_function.example.arn}
      rule: ${exampleEventRule.id}
      inputTransformer:
        inputPaths:
          instance: $.detail.instance
          status: $.detail.status
        inputTemplate: '"<instance> is in state <status>"'
  exampleEventRule:
    type: aws:cloudwatch:EventRule

Cloudwatch Log Group Usage

using System.Collections.Generic;
using System.Text.Json;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var exampleLogGroup = new Aws.CloudWatch.LogGroup("exampleLogGroup", new()
    {
        RetentionInDays = 1,
    });

    var exampleEventRule = new Aws.CloudWatch.EventRule("exampleEventRule", new()
    {
        Description = "GuardDuty Findings",
        EventPattern = JsonSerializer.Serialize(new Dictionary<string, object?>
        {
            ["source"] = new[]
            {
                "aws.guardduty",
            },
        }),
        Tags = 
        {
            { "Environment", "example" },
        },
    });

    var exampleLogPolicy = Aws.Iam.GetPolicyDocument.Invoke(new()
    {
        Statements = new[]
        {
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Effect = "Allow",
                Actions = new[]
                {
                    "logs:CreateLogStream",
                },
                Resources = new[]
                {
                    $"{exampleLogGroup.Arn}:*",
                },
                Principals = new[]
                {
                    new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
                    {
                        Type = "Service",
                        Identifiers = new[]
                        {
                            "events.amazonaws.com",
                        },
                    },
                },
            },
            new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
            {
                Effect = "Allow",
                Actions = new[]
                {
                    "logs:PutLogEvents",
                },
                Resources = new[]
                {
                    $"{exampleLogGroup.Arn}:*:*",
                },
                Principals = new[]
                {
                    new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
                    {
                        Type = "Service",
                        Identifiers = new[]
                        {
                            "events.amazonaws.com",
                        },
                    },
                },
                Conditions = new[]
                {
                    new Aws.Iam.Inputs.GetPolicyDocumentStatementConditionInputArgs
                    {
                        Test = "ArnEquals",
                        Values = new[]
                        {
                            exampleEventRule.Arn,
                        },
                        Variable = "aws:SourceArn",
                    },
                },
            },
        },
    });

    var exampleLogResourcePolicy = new Aws.CloudWatch.LogResourcePolicy("exampleLogResourcePolicy", new()
    {
        PolicyDocument = exampleLogPolicy.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
        PolicyName = "guardduty-log-publishing-policy",
    });

    var exampleEventTarget = new Aws.CloudWatch.EventTarget("exampleEventTarget", new()
    {
        Rule = exampleEventRule.Name,
        Arn = exampleLogGroup.Arn,
    });

});
package main

import (
	"encoding/json"
	"fmt"

	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudwatch"
	"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleLogGroup, err := cloudwatch.NewLogGroup(ctx, "exampleLogGroup", &cloudwatch.LogGroupArgs{
			RetentionInDays: pulumi.Int(1),
		})
		if err != nil {
			return err
		}
		tmpJSON0, err := json.Marshal(map[string]interface{}{
			"source": []string{
				"aws.guardduty",
			},
		})
		if err != nil {
			return err
		}
		json0 := string(tmpJSON0)
		exampleEventRule, err := cloudwatch.NewEventRule(ctx, "exampleEventRule", &cloudwatch.EventRuleArgs{
			Description:  pulumi.String("GuardDuty Findings"),
			EventPattern: pulumi.String(json0),
			Tags: pulumi.StringMap{
				"Environment": pulumi.String("example"),
			},
		})
		if err != nil {
			return err
		}
		exampleLogPolicy := iam.GetPolicyDocumentOutput(ctx, iam.GetPolicyDocumentOutputArgs{
			Statements: iam.GetPolicyDocumentStatementArray{
				&iam.GetPolicyDocumentStatementArgs{
					Effect: pulumi.String("Allow"),
					Actions: pulumi.StringArray{
						pulumi.String("logs:CreateLogStream"),
					},
					Resources: pulumi.StringArray{
						exampleLogGroup.Arn.ApplyT(func(arn string) (string, error) {
							return fmt.Sprintf("%v:*", arn), nil
						}).(pulumi.StringOutput),
					},
					Principals: iam.GetPolicyDocumentStatementPrincipalArray{
						&iam.GetPolicyDocumentStatementPrincipalArgs{
							Type: pulumi.String("Service"),
							Identifiers: pulumi.StringArray{
								pulumi.String("events.amazonaws.com"),
							},
						},
					},
				},
				&iam.GetPolicyDocumentStatementArgs{
					Effect: pulumi.String("Allow"),
					Actions: pulumi.StringArray{
						pulumi.String("logs:PutLogEvents"),
					},
					Resources: pulumi.StringArray{
						exampleLogGroup.Arn.ApplyT(func(arn string) (string, error) {
							return fmt.Sprintf("%v:*:*", arn), nil
						}).(pulumi.StringOutput),
					},
					Principals: iam.GetPolicyDocumentStatementPrincipalArray{
						&iam.GetPolicyDocumentStatementPrincipalArgs{
							Type: pulumi.String("Service"),
							Identifiers: pulumi.StringArray{
								pulumi.String("events.amazonaws.com"),
							},
						},
					},
					Conditions: iam.GetPolicyDocumentStatementConditionArray{
						&iam.GetPolicyDocumentStatementConditionArgs{
							Test: pulumi.String("ArnEquals"),
							Values: pulumi.StringArray{
								exampleEventRule.Arn,
							},
							Variable: pulumi.String("aws:SourceArn"),
						},
					},
				},
			},
		}, nil)
		_, err = cloudwatch.NewLogResourcePolicy(ctx, "exampleLogResourcePolicy", &cloudwatch.LogResourcePolicyArgs{
			PolicyDocument: exampleLogPolicy.ApplyT(func(exampleLogPolicy iam.GetPolicyDocumentResult) (*string, error) {
				return &exampleLogPolicy.Json, nil
			}).(pulumi.StringPtrOutput),
			PolicyName: pulumi.String("guardduty-log-publishing-policy"),
		})
		if err != nil {
			return err
		}
		_, err = cloudwatch.NewEventTarget(ctx, "exampleEventTarget", &cloudwatch.EventTargetArgs{
			Rule: exampleEventRule.Name,
			Arn:  exampleLogGroup.Arn,
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudwatch.LogGroup;
import com.pulumi.aws.cloudwatch.LogGroupArgs;
import com.pulumi.aws.cloudwatch.EventRule;
import com.pulumi.aws.cloudwatch.EventRuleArgs;
import com.pulumi.aws.iam.IamFunctions;
import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
import com.pulumi.aws.cloudwatch.LogResourcePolicy;
import com.pulumi.aws.cloudwatch.LogResourcePolicyArgs;
import com.pulumi.aws.cloudwatch.EventTarget;
import com.pulumi.aws.cloudwatch.EventTargetArgs;
import static com.pulumi.codegen.internal.Serialization.*;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var exampleLogGroup = new LogGroup("exampleLogGroup", LogGroupArgs.builder()        
            .retentionInDays(1)
            .build());

        var exampleEventRule = new EventRule("exampleEventRule", EventRuleArgs.builder()        
            .description("GuardDuty Findings")
            .eventPattern(serializeJson(
                jsonObject(
                    jsonProperty("source", jsonArray("aws.guardduty"))
                )))
            .tags(Map.of("Environment", "example"))
            .build());

        final var exampleLogPolicy = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
            .statements(            
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions("logs:CreateLogStream")
                    .resources(exampleLogGroup.arn().applyValue(arn -> String.format("%s:*", arn)))
                    .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                        .type("Service")
                        .identifiers("events.amazonaws.com")
                        .build())
                    .build(),
                GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions("logs:PutLogEvents")
                    .resources(exampleLogGroup.arn().applyValue(arn -> String.format("%s:*:*", arn)))
                    .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                        .type("Service")
                        .identifiers("events.amazonaws.com")
                        .build())
                    .conditions(GetPolicyDocumentStatementConditionArgs.builder()
                        .test("ArnEquals")
                        .values(exampleEventRule.arn())
                        .variable("aws:SourceArn")
                        .build())
                    .build())
            .build());

        var exampleLogResourcePolicy = new LogResourcePolicy("exampleLogResourcePolicy", LogResourcePolicyArgs.builder()        
            .policyDocument(exampleLogPolicy.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult).applyValue(exampleLogPolicy -> exampleLogPolicy.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json())))
            .policyName("guardduty-log-publishing-policy")
            .build());

        var exampleEventTarget = new EventTarget("exampleEventTarget", EventTargetArgs.builder()        
            .rule(exampleEventRule.name())
            .arn(exampleLogGroup.arn())
            .build());

    }
}
import pulumi
import json
import pulumi_aws as aws

example_log_group = aws.cloudwatch.LogGroup("exampleLogGroup", retention_in_days=1)
example_event_rule = aws.cloudwatch.EventRule("exampleEventRule",
    description="GuardDuty Findings",
    event_pattern=json.dumps({
        "source": ["aws.guardduty"],
    }),
    tags={
        "Environment": "example",
    })
example_log_policy = aws.iam.get_policy_document_output(statements=[
    aws.iam.GetPolicyDocumentStatementArgs(
        effect="Allow",
        actions=["logs:CreateLogStream"],
        resources=[example_log_group.arn.apply(lambda arn: f"{arn}:*")],
        principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(
            type="Service",
            identifiers=["events.amazonaws.com"],
        )],
    ),
    aws.iam.GetPolicyDocumentStatementArgs(
        effect="Allow",
        actions=["logs:PutLogEvents"],
        resources=[example_log_group.arn.apply(lambda arn: f"{arn}:*:*")],
        principals=[aws.iam.GetPolicyDocumentStatementPrincipalArgs(
            type="Service",
            identifiers=["events.amazonaws.com"],
        )],
        conditions=[aws.iam.GetPolicyDocumentStatementConditionArgs(
            test="ArnEquals",
            values=[example_event_rule.arn],
            variable="aws:SourceArn",
        )],
    ),
])
example_log_resource_policy = aws.cloudwatch.LogResourcePolicy("exampleLogResourcePolicy",
    policy_document=example_log_policy.json,
    policy_name="guardduty-log-publishing-policy")
example_event_target = aws.cloudwatch.EventTarget("exampleEventTarget",
    rule=example_event_rule.name,
    arn=example_log_group.arn)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const exampleLogGroup = new aws.cloudwatch.LogGroup("exampleLogGroup", {retentionInDays: 1});
const exampleEventRule = new aws.cloudwatch.EventRule("exampleEventRule", {
    description: "GuardDuty Findings",
    eventPattern: JSON.stringify({
        source: ["aws.guardduty"],
    }),
    tags: {
        Environment: "example",
    },
});
const exampleLogPolicy = aws.iam.getPolicyDocumentOutput({
    statements: [
        {
            effect: "Allow",
            actions: ["logs:CreateLogStream"],
            resources: [pulumi.interpolate`${exampleLogGroup.arn}:*`],
            principals: [{
                type: "Service",
                identifiers: ["events.amazonaws.com"],
            }],
        },
        {
            effect: "Allow",
            actions: ["logs:PutLogEvents"],
            resources: [pulumi.interpolate`${exampleLogGroup.arn}:*:*`],
            principals: [{
                type: "Service",
                identifiers: ["events.amazonaws.com"],
            }],
            conditions: [{
                test: "ArnEquals",
                values: [exampleEventRule.arn],
                variable: "aws:SourceArn",
            }],
        },
    ],
});
const exampleLogResourcePolicy = new aws.cloudwatch.LogResourcePolicy("exampleLogResourcePolicy", {
    policyDocument: exampleLogPolicy.apply(exampleLogPolicy => exampleLogPolicy.json),
    policyName: "guardduty-log-publishing-policy",
});
const exampleEventTarget = new aws.cloudwatch.EventTarget("exampleEventTarget", {
    rule: exampleEventRule.name,
    arn: exampleLogGroup.arn,
});
resources:
  exampleLogGroup:
    type: aws:cloudwatch:LogGroup
    properties:
      retentionInDays: 1
  exampleLogResourcePolicy:
    type: aws:cloudwatch:LogResourcePolicy
    properties:
      policyDocument: ${exampleLogPolicy.json}
      policyName: guardduty-log-publishing-policy
  exampleEventRule:
    type: aws:cloudwatch:EventRule
    properties:
      description: GuardDuty Findings
      eventPattern:
        fn::toJSON:
          source:
            - aws.guardduty
      tags:
        Environment: example
  exampleEventTarget:
    type: aws:cloudwatch:EventTarget
    properties:
      rule: ${exampleEventRule.name}
      arn: ${exampleLogGroup.arn}
variables:
  exampleLogPolicy:
    fn::invoke:
      Function: aws:iam:getPolicyDocument
      Arguments:
        statements:
          - effect: Allow
            actions:
              - logs:CreateLogStream
            resources:
              - ${exampleLogGroup.arn}:*
            principals:
              - type: Service
                identifiers:
                  - events.amazonaws.com
          - effect: Allow
            actions:
              - logs:PutLogEvents
            resources:
              - ${exampleLogGroup.arn}:*:*
            principals:
              - type: Service
                identifiers:
                  - events.amazonaws.com
            conditions:
              - test: ArnEquals
                values:
                  - ${exampleEventRule.arn}
                variable: aws:SourceArn

Create EventTarget Resource

new EventTarget(name: string, args: EventTargetArgs, opts?: CustomResourceOptions);
@overload
def EventTarget(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                arn: Optional[str] = None,
                batch_target: Optional[EventTargetBatchTargetArgs] = None,
                dead_letter_config: Optional[EventTargetDeadLetterConfigArgs] = None,
                ecs_target: Optional[EventTargetEcsTargetArgs] = None,
                event_bus_name: Optional[str] = None,
                http_target: Optional[EventTargetHttpTargetArgs] = None,
                input: Optional[str] = None,
                input_path: Optional[str] = None,
                input_transformer: Optional[EventTargetInputTransformerArgs] = None,
                kinesis_target: Optional[EventTargetKinesisTargetArgs] = None,
                redshift_target: Optional[EventTargetRedshiftTargetArgs] = None,
                retry_policy: Optional[EventTargetRetryPolicyArgs] = None,
                role_arn: Optional[str] = None,
                rule: Optional[str] = None,
                run_command_targets: Optional[Sequence[EventTargetRunCommandTargetArgs]] = None,
                sqs_target: Optional[EventTargetSqsTargetArgs] = None,
                target_id: Optional[str] = None)
@overload
def EventTarget(resource_name: str,
                args: EventTargetArgs,
                opts: Optional[ResourceOptions] = None)
func NewEventTarget(ctx *Context, name string, args EventTargetArgs, opts ...ResourceOption) (*EventTarget, error)
public EventTarget(string name, EventTargetArgs args, CustomResourceOptions? opts = null)
public EventTarget(String name, EventTargetArgs args)
public EventTarget(String name, EventTargetArgs args, CustomResourceOptions options)
type: aws:cloudwatch:EventTarget
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args EventTargetArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args EventTargetArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args EventTargetArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args EventTargetArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args EventTargetArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

EventTarget Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The EventTarget resource accepts the following input properties:

Arn string

The Amazon Resource Name (ARN) of the target.

Rule string

The name of the rule you want to add targets to.

BatchTarget EventTargetBatchTargetArgs

Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.

DeadLetterConfig EventTargetDeadLetterConfigArgs

Parameters used when you are providing a dead letter config. Documented below. A maximum of 1 are allowed.

EcsTarget EventTargetEcsTargetArgs

Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.

EventBusName string

The event bus to associate with the rule. If you omit this, the default event bus is used.

HttpTarget EventTargetHttpTargetArgs

Parameters used when you are using the rule to invoke an API Gateway REST endpoint. Documented below. A maximum of 1 is allowed.

Input string

Valid JSON text passed to the target. Conflicts with input_path and input_transformer.

InputPath string

The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. Conflicts with input and input_transformer.

InputTransformer EventTargetInputTransformerArgs

Parameters used when you are providing a custom input to a target based on certain event data. Conflicts with input and input_path.

KinesisTarget EventTargetKinesisTargetArgs

Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.

RedshiftTarget EventTargetRedshiftTargetArgs

Parameters used when you are using the rule to invoke an Amazon Redshift Statement. Documented below. A maximum of 1 are allowed.

RetryPolicy EventTargetRetryPolicyArgs

Parameters used when you are providing retry policies. Documented below. A maximum of 1 are allowed.

RoleArn string

The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if ecs_target is used or target in arn is EC2 instance, Kinesis data stream, Step Functions state machine, or Event Bus in different account or region.

RunCommandTargets List<EventTargetRunCommandTargetArgs>

Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.

SqsTarget EventTargetSqsTargetArgs

Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.

TargetId string

The unique target assignment ID. If missing, will generate a random, unique id.

Arn string

The Amazon Resource Name (ARN) of the target.

Rule string

The name of the rule you want to add targets to.

BatchTarget EventTargetBatchTargetArgs

Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.

DeadLetterConfig EventTargetDeadLetterConfigArgs

Parameters used when you are providing a dead letter config. Documented below. A maximum of 1 are allowed.

EcsTarget EventTargetEcsTargetArgs

Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.

EventBusName string

The event bus to associate with the rule. If you omit this, the default event bus is used.

HttpTarget EventTargetHttpTargetArgs

Parameters used when you are using the rule to invoke an API Gateway REST endpoint. Documented below. A maximum of 1 is allowed.

Input string

Valid JSON text passed to the target. Conflicts with input_path and input_transformer.

InputPath string

The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. Conflicts with input and input_transformer.

InputTransformer EventTargetInputTransformerArgs

Parameters used when you are providing a custom input to a target based on certain event data. Conflicts with input and input_path.

KinesisTarget EventTargetKinesisTargetArgs

Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.

RedshiftTarget EventTargetRedshiftTargetArgs

Parameters used when you are using the rule to invoke an Amazon Redshift Statement. Documented below. A maximum of 1 are allowed.

RetryPolicy EventTargetRetryPolicyArgs

Parameters used when you are providing retry policies. Documented below. A maximum of 1 are allowed.

RoleArn string

The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if ecs_target is used or target in arn is EC2 instance, Kinesis data stream, Step Functions state machine, or Event Bus in different account or region.

RunCommandTargets []EventTargetRunCommandTargetArgs

Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.

SqsTarget EventTargetSqsTargetArgs

Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.

TargetId string

The unique target assignment ID. If missing, will generate a random, unique id.

arn String

The Amazon Resource Name (ARN) of the target.

rule String

The name of the rule you want to add targets to.

batchTarget EventTargetBatchTargetArgs

Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.

deadLetterConfig EventTargetDeadLetterConfigArgs

Parameters used when you are providing a dead letter config. Documented below. A maximum of 1 are allowed.

ecsTarget EventTargetEcsTargetArgs

Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.

eventBusName String

The event bus to associate with the rule. If you omit this, the default event bus is used.

httpTarget EventTargetHttpTargetArgs

Parameters used when you are using the rule to invoke an API Gateway REST endpoint. Documented below. A maximum of 1 is allowed.

input String

Valid JSON text passed to the target. Conflicts with input_path and input_transformer.

inputPath String

The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. Conflicts with input and input_transformer.

inputTransformer EventTargetInputTransformerArgs

Parameters used when you are providing a custom input to a target based on certain event data. Conflicts with input and input_path.

kinesisTarget EventTargetKinesisTargetArgs

Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.

redshiftTarget EventTargetRedshiftTargetArgs

Parameters used when you are using the rule to invoke an Amazon Redshift Statement. Documented below. A maximum of 1 are allowed.

retryPolicy EventTargetRetryPolicyArgs

Parameters used when you are providing retry policies. Documented below. A maximum of 1 are allowed.

roleArn String

The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if ecs_target is used or target in arn is EC2 instance, Kinesis data stream, Step Functions state machine, or Event Bus in different account or region.

runCommandTargets List<EventTargetRunCommandTargetArgs>

Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.

sqsTarget EventTargetSqsTargetArgs

Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.

targetId String

The unique target assignment ID. If missing, will generate a random, unique id.

arn string

The Amazon Resource Name (ARN) of the target.

rule string

The name of the rule you want to add targets to.

batchTarget EventTargetBatchTargetArgs

Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.

deadLetterConfig EventTargetDeadLetterConfigArgs

Parameters used when you are providing a dead letter config. Documented below. A maximum of 1 are allowed.

ecsTarget EventTargetEcsTargetArgs

Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.

eventBusName string

The event bus to associate with the rule. If you omit this, the default event bus is used.

httpTarget EventTargetHttpTargetArgs

Parameters used when you are using the rule to invoke an API Gateway REST endpoint. Documented below. A maximum of 1 is allowed.

input string

Valid JSON text passed to the target. Conflicts with input_path and input_transformer.

inputPath string

The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. Conflicts with input and input_transformer.

inputTransformer EventTargetInputTransformerArgs

Parameters used when you are providing a custom input to a target based on certain event data. Conflicts with input and input_path.

kinesisTarget EventTargetKinesisTargetArgs

Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.

redshiftTarget EventTargetRedshiftTargetArgs

Parameters used when you are using the rule to invoke an Amazon Redshift Statement. Documented below. A maximum of 1 are allowed.

retryPolicy EventTargetRetryPolicyArgs

Parameters used when you are providing retry policies. Documented below. A maximum of 1 are allowed.

roleArn string

The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if ecs_target is used or target in arn is EC2 instance, Kinesis data stream, Step Functions state machine, or Event Bus in different account or region.

runCommandTargets EventTargetRunCommandTargetArgs[]

Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.

sqsTarget EventTargetSqsTargetArgs

Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.

targetId string

The unique target assignment ID. If missing, will generate a random, unique id.

arn str

The Amazon Resource Name (ARN) of the target.

rule str

The name of the rule you want to add targets to.

batch_target EventTargetBatchTargetArgs

Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.

dead_letter_config EventTargetDeadLetterConfigArgs

Parameters used when you are providing a dead letter config. Documented below. A maximum of 1 are allowed.

ecs_target EventTargetEcsTargetArgs

Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.

event_bus_name str

The event bus to associate with the rule. If you omit this, the default event bus is used.

http_target EventTargetHttpTargetArgs

Parameters used when you are using the rule to invoke an API Gateway REST endpoint. Documented below. A maximum of 1 is allowed.

input str

Valid JSON text passed to the target. Conflicts with input_path and input_transformer.

input_path str

The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. Conflicts with input and input_transformer.

input_transformer EventTargetInputTransformerArgs

Parameters used when you are providing a custom input to a target based on certain event data. Conflicts with input and input_path.

kinesis_target EventTargetKinesisTargetArgs

Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.

redshift_target EventTargetRedshiftTargetArgs

Parameters used when you are using the rule to invoke an Amazon Redshift Statement. Documented below. A maximum of 1 are allowed.

retry_policy EventTargetRetryPolicyArgs

Parameters used when you are providing retry policies. Documented below. A maximum of 1 are allowed.

role_arn str

The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if ecs_target is used or target in arn is EC2 instance, Kinesis data stream, Step Functions state machine, or Event Bus in different account or region.

run_command_targets Sequence[EventTargetRunCommandTargetArgs]

Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.

sqs_target EventTargetSqsTargetArgs

Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.

target_id str

The unique target assignment ID. If missing, will generate a random, unique id.

arn String

The Amazon Resource Name (ARN) of the target.

rule String

The name of the rule you want to add targets to.

batchTarget Property Map

Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.

deadLetterConfig Property Map

Parameters used when you are providing a dead letter config. Documented below. A maximum of 1 are allowed.

ecsTarget Property Map

Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.

eventBusName String

The event bus to associate with the rule. If you omit this, the default event bus is used.

httpTarget Property Map

Parameters used when you are using the rule to invoke an API Gateway REST endpoint. Documented below. A maximum of 1 is allowed.

input String

Valid JSON text passed to the target. Conflicts with input_path and input_transformer.

inputPath String

The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. Conflicts with input and input_transformer.

inputTransformer Property Map

Parameters used when you are providing a custom input to a target based on certain event data. Conflicts with input and input_path.

kinesisTarget Property Map

Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.

redshiftTarget Property Map

Parameters used when you are using the rule to invoke an Amazon Redshift Statement. Documented below. A maximum of 1 are allowed.

retryPolicy Property Map

Parameters used when you are providing retry policies. Documented below. A maximum of 1 are allowed.

roleArn String

The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if ecs_target is used or target in arn is EC2 instance, Kinesis data stream, Step Functions state machine, or Event Bus in different account or region.

runCommandTargets List<Property Map>

Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.

sqsTarget Property Map

Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.

targetId String

The unique target assignment ID. If missing, will generate a random, unique id.

Outputs

All input properties are implicitly available as output properties. Additionally, the EventTarget resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Id string

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

id string

The provider-assigned unique ID for this managed resource.

id str

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

Look up Existing EventTarget Resource

Get an existing EventTarget resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: EventTargetState, opts?: CustomResourceOptions): EventTarget
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        arn: Optional[str] = None,
        batch_target: Optional[EventTargetBatchTargetArgs] = None,
        dead_letter_config: Optional[EventTargetDeadLetterConfigArgs] = None,
        ecs_target: Optional[EventTargetEcsTargetArgs] = None,
        event_bus_name: Optional[str] = None,
        http_target: Optional[EventTargetHttpTargetArgs] = None,
        input: Optional[str] = None,
        input_path: Optional[str] = None,
        input_transformer: Optional[EventTargetInputTransformerArgs] = None,
        kinesis_target: Optional[EventTargetKinesisTargetArgs] = None,
        redshift_target: Optional[EventTargetRedshiftTargetArgs] = None,
        retry_policy: Optional[EventTargetRetryPolicyArgs] = None,
        role_arn: Optional[str] = None,
        rule: Optional[str] = None,
        run_command_targets: Optional[Sequence[EventTargetRunCommandTargetArgs]] = None,
        sqs_target: Optional[EventTargetSqsTargetArgs] = None,
        target_id: Optional[str] = None) -> EventTarget
func GetEventTarget(ctx *Context, name string, id IDInput, state *EventTargetState, opts ...ResourceOption) (*EventTarget, error)
public static EventTarget Get(string name, Input<string> id, EventTargetState? state, CustomResourceOptions? opts = null)
public static EventTarget get(String name, Output<String> id, EventTargetState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Arn string

The Amazon Resource Name (ARN) of the target.

BatchTarget EventTargetBatchTargetArgs

Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.

DeadLetterConfig EventTargetDeadLetterConfigArgs

Parameters used when you are providing a dead letter config. Documented below. A maximum of 1 are allowed.

EcsTarget EventTargetEcsTargetArgs

Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.

EventBusName string

The event bus to associate with the rule. If you omit this, the default event bus is used.

HttpTarget EventTargetHttpTargetArgs

Parameters used when you are using the rule to invoke an API Gateway REST endpoint. Documented below. A maximum of 1 is allowed.

Input string

Valid JSON text passed to the target. Conflicts with input_path and input_transformer.

InputPath string

The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. Conflicts with input and input_transformer.

InputTransformer EventTargetInputTransformerArgs

Parameters used when you are providing a custom input to a target based on certain event data. Conflicts with input and input_path.

KinesisTarget EventTargetKinesisTargetArgs

Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.

RedshiftTarget EventTargetRedshiftTargetArgs

Parameters used when you are using the rule to invoke an Amazon Redshift Statement. Documented below. A maximum of 1 are allowed.

RetryPolicy EventTargetRetryPolicyArgs

Parameters used when you are providing retry policies. Documented below. A maximum of 1 are allowed.

RoleArn string

The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if ecs_target is used or target in arn is EC2 instance, Kinesis data stream, Step Functions state machine, or Event Bus in different account or region.

Rule string

The name of the rule you want to add targets to.

RunCommandTargets List<EventTargetRunCommandTargetArgs>

Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.

SqsTarget EventTargetSqsTargetArgs

Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.

TargetId string

The unique target assignment ID. If missing, will generate a random, unique id.

Arn string

The Amazon Resource Name (ARN) of the target.

BatchTarget EventTargetBatchTargetArgs

Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.

DeadLetterConfig EventTargetDeadLetterConfigArgs

Parameters used when you are providing a dead letter config. Documented below. A maximum of 1 are allowed.

EcsTarget EventTargetEcsTargetArgs

Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.

EventBusName string

The event bus to associate with the rule. If you omit this, the default event bus is used.

HttpTarget EventTargetHttpTargetArgs

Parameters used when you are using the rule to invoke an API Gateway REST endpoint. Documented below. A maximum of 1 is allowed.

Input string

Valid JSON text passed to the target. Conflicts with input_path and input_transformer.

InputPath string

The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. Conflicts with input and input_transformer.

InputTransformer EventTargetInputTransformerArgs

Parameters used when you are providing a custom input to a target based on certain event data. Conflicts with input and input_path.

KinesisTarget EventTargetKinesisTargetArgs

Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.

RedshiftTarget EventTargetRedshiftTargetArgs

Parameters used when you are using the rule to invoke an Amazon Redshift Statement. Documented below. A maximum of 1 are allowed.

RetryPolicy EventTargetRetryPolicyArgs

Parameters used when you are providing retry policies. Documented below. A maximum of 1 are allowed.

RoleArn string

The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if ecs_target is used or target in arn is EC2 instance, Kinesis data stream, Step Functions state machine, or Event Bus in different account or region.

Rule string

The name of the rule you want to add targets to.

RunCommandTargets []EventTargetRunCommandTargetArgs

Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.

SqsTarget EventTargetSqsTargetArgs

Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.

TargetId string

The unique target assignment ID. If missing, will generate a random, unique id.

arn String

The Amazon Resource Name (ARN) of the target.

batchTarget EventTargetBatchTargetArgs

Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.

deadLetterConfig EventTargetDeadLetterConfigArgs

Parameters used when you are providing a dead letter config. Documented below. A maximum of 1 are allowed.

ecsTarget EventTargetEcsTargetArgs

Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.

eventBusName String

The event bus to associate with the rule. If you omit this, the default event bus is used.

httpTarget EventTargetHttpTargetArgs

Parameters used when you are using the rule to invoke an API Gateway REST endpoint. Documented below. A maximum of 1 is allowed.

input String

Valid JSON text passed to the target. Conflicts with input_path and input_transformer.

inputPath String

The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. Conflicts with input and input_transformer.

inputTransformer EventTargetInputTransformerArgs

Parameters used when you are providing a custom input to a target based on certain event data. Conflicts with input and input_path.

kinesisTarget EventTargetKinesisTargetArgs

Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.

redshiftTarget EventTargetRedshiftTargetArgs

Parameters used when you are using the rule to invoke an Amazon Redshift Statement. Documented below. A maximum of 1 are allowed.

retryPolicy EventTargetRetryPolicyArgs

Parameters used when you are providing retry policies. Documented below. A maximum of 1 are allowed.

roleArn String

The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if ecs_target is used or target in arn is EC2 instance, Kinesis data stream, Step Functions state machine, or Event Bus in different account or region.

rule String

The name of the rule you want to add targets to.

runCommandTargets List<EventTargetRunCommandTargetArgs>

Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.

sqsTarget EventTargetSqsTargetArgs

Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.

targetId String

The unique target assignment ID. If missing, will generate a random, unique id.

arn string

The Amazon Resource Name (ARN) of the target.

batchTarget EventTargetBatchTargetArgs

Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.

deadLetterConfig EventTargetDeadLetterConfigArgs

Parameters used when you are providing a dead letter config. Documented below. A maximum of 1 are allowed.

ecsTarget EventTargetEcsTargetArgs

Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.

eventBusName string

The event bus to associate with the rule. If you omit this, the default event bus is used.

httpTarget EventTargetHttpTargetArgs

Parameters used when you are using the rule to invoke an API Gateway REST endpoint. Documented below. A maximum of 1 is allowed.

input string

Valid JSON text passed to the target. Conflicts with input_path and input_transformer.

inputPath string

The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. Conflicts with input and input_transformer.

inputTransformer EventTargetInputTransformerArgs

Parameters used when you are providing a custom input to a target based on certain event data. Conflicts with input and input_path.

kinesisTarget EventTargetKinesisTargetArgs

Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.

redshiftTarget EventTargetRedshiftTargetArgs

Parameters used when you are using the rule to invoke an Amazon Redshift Statement. Documented below. A maximum of 1 are allowed.

retryPolicy EventTargetRetryPolicyArgs

Parameters used when you are providing retry policies. Documented below. A maximum of 1 are allowed.

roleArn string

The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if ecs_target is used or target in arn is EC2 instance, Kinesis data stream, Step Functions state machine, or Event Bus in different account or region.

rule string

The name of the rule you want to add targets to.

runCommandTargets EventTargetRunCommandTargetArgs[]

Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.

sqsTarget EventTargetSqsTargetArgs

Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.

targetId string

The unique target assignment ID. If missing, will generate a random, unique id.

arn str

The Amazon Resource Name (ARN) of the target.

batch_target EventTargetBatchTargetArgs

Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.

dead_letter_config EventTargetDeadLetterConfigArgs

Parameters used when you are providing a dead letter config. Documented below. A maximum of 1 are allowed.

ecs_target EventTargetEcsTargetArgs

Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.

event_bus_name str

The event bus to associate with the rule. If you omit this, the default event bus is used.

http_target EventTargetHttpTargetArgs

Parameters used when you are using the rule to invoke an API Gateway REST endpoint. Documented below. A maximum of 1 is allowed.

input str

Valid JSON text passed to the target. Conflicts with input_path and input_transformer.

input_path str

The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. Conflicts with input and input_transformer.

input_transformer EventTargetInputTransformerArgs

Parameters used when you are providing a custom input to a target based on certain event data. Conflicts with input and input_path.

kinesis_target EventTargetKinesisTargetArgs

Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.

redshift_target EventTargetRedshiftTargetArgs

Parameters used when you are using the rule to invoke an Amazon Redshift Statement. Documented below. A maximum of 1 are allowed.

retry_policy EventTargetRetryPolicyArgs

Parameters used when you are providing retry policies. Documented below. A maximum of 1 are allowed.

role_arn str

The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if ecs_target is used or target in arn is EC2 instance, Kinesis data stream, Step Functions state machine, or Event Bus in different account or region.

rule str

The name of the rule you want to add targets to.

run_command_targets Sequence[EventTargetRunCommandTargetArgs]

Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.

sqs_target EventTargetSqsTargetArgs

Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.

target_id str

The unique target assignment ID. If missing, will generate a random, unique id.

arn String

The Amazon Resource Name (ARN) of the target.

batchTarget Property Map

Parameters used when you are using the rule to invoke an Amazon Batch Job. Documented below. A maximum of 1 are allowed.

deadLetterConfig Property Map

Parameters used when you are providing a dead letter config. Documented below. A maximum of 1 are allowed.

ecsTarget Property Map

Parameters used when you are using the rule to invoke Amazon ECS Task. Documented below. A maximum of 1 are allowed.

eventBusName String

The event bus to associate with the rule. If you omit this, the default event bus is used.

httpTarget Property Map

Parameters used when you are using the rule to invoke an API Gateway REST endpoint. Documented below. A maximum of 1 is allowed.

input String

Valid JSON text passed to the target. Conflicts with input_path and input_transformer.

inputPath String

The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. Conflicts with input and input_transformer.

inputTransformer Property Map

Parameters used when you are providing a custom input to a target based on certain event data. Conflicts with input and input_path.

kinesisTarget Property Map

Parameters used when you are using the rule to invoke an Amazon Kinesis Stream. Documented below. A maximum of 1 are allowed.

redshiftTarget Property Map

Parameters used when you are using the rule to invoke an Amazon Redshift Statement. Documented below. A maximum of 1 are allowed.

retryPolicy Property Map

Parameters used when you are providing retry policies. Documented below. A maximum of 1 are allowed.

roleArn String

The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. Required if ecs_target is used or target in arn is EC2 instance, Kinesis data stream, Step Functions state machine, or Event Bus in different account or region.

rule String

The name of the rule you want to add targets to.

runCommandTargets List<Property Map>

Parameters used when you are using the rule to invoke Amazon EC2 Run Command. Documented below. A maximum of 5 are allowed.

sqsTarget Property Map

Parameters used when you are using the rule to invoke an Amazon SQS Queue. Documented below. A maximum of 1 are allowed.

targetId String

The unique target assignment ID. If missing, will generate a random, unique id.

Supporting Types

EventTargetBatchTarget

JobDefinition string

The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.

JobName string

The name to use for this execution of the job, if the target is an AWS Batch job.

ArraySize int

The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.

JobAttempts int

The number of times to attempt to retry, if the job fails. Valid values are 1 to 10.

JobDefinition string

The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.

JobName string

The name to use for this execution of the job, if the target is an AWS Batch job.

ArraySize int

The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.

JobAttempts int

The number of times to attempt to retry, if the job fails. Valid values are 1 to 10.

jobDefinition String

The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.

jobName String

The name to use for this execution of the job, if the target is an AWS Batch job.

arraySize Integer

The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.

jobAttempts Integer

The number of times to attempt to retry, if the job fails. Valid values are 1 to 10.

jobDefinition string

The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.

jobName string

The name to use for this execution of the job, if the target is an AWS Batch job.

arraySize number

The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.

jobAttempts number

The number of times to attempt to retry, if the job fails. Valid values are 1 to 10.

job_definition str

The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.

job_name str

The name to use for this execution of the job, if the target is an AWS Batch job.

array_size int

The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.

job_attempts int

The number of times to attempt to retry, if the job fails. Valid values are 1 to 10.

jobDefinition String

The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.

jobName String

The name to use for this execution of the job, if the target is an AWS Batch job.

arraySize Number

The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.

jobAttempts Number

The number of times to attempt to retry, if the job fails. Valid values are 1 to 10.

EventTargetDeadLetterConfig

Arn string

ARN of the SQS queue specified as the target for the dead-letter queue.

Arn string

ARN of the SQS queue specified as the target for the dead-letter queue.

arn String

ARN of the SQS queue specified as the target for the dead-letter queue.

arn string

ARN of the SQS queue specified as the target for the dead-letter queue.

arn str

ARN of the SQS queue specified as the target for the dead-letter queue.

arn String

ARN of the SQS queue specified as the target for the dead-letter queue.

EventTargetEcsTarget

TaskDefinitionArn string

The ARN of the task definition to use if the event target is an Amazon ECS cluster.

CapacityProviderStrategies List<EventTargetEcsTargetCapacityProviderStrategy>

The capacity provider strategy to use for the task. If a capacity_provider_strategy specified, the launch_type parameter must be omitted. If no capacity_provider_strategy or launch_type is specified, the default capacity provider strategy for the cluster is used. Can be one or more. See below.

EnableEcsManagedTags bool

Specifies whether to enable Amazon ECS managed tags for the task.

EnableExecuteCommand bool

Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.

Group string

Specifies an ECS task group for the task. The maximum length is 255 characters.

LaunchType string

Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. Valid values include: EC2, EXTERNAL, or FARGATE.

NetworkConfiguration EventTargetEcsTargetNetworkConfiguration

Use this if the ECS task uses the awsvpc network mode. This specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. Required if launch_type is FARGATE because the awsvpc mode is required for Fargate tasks.

PlacementConstraints List<EventTargetEcsTargetPlacementConstraint>

An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime). See Below.

PlatformVersion string

Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as 1.1.0. This is used only if LaunchType is FARGATE. For more information about valid platform versions, see AWS Fargate Platform Versions.

PropagateTags string

Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. The only valid value is: TASK_DEFINITION.

Tags Dictionary<string, string>

A map of tags to assign to ecs resources.

TaskCount int

The number of tasks to create based on the TaskDefinition. Defaults to 1.

TaskDefinitionArn string

The ARN of the task definition to use if the event target is an Amazon ECS cluster.

CapacityProviderStrategies []EventTargetEcsTargetCapacityProviderStrategy

The capacity provider strategy to use for the task. If a capacity_provider_strategy specified, the launch_type parameter must be omitted. If no capacity_provider_strategy or launch_type is specified, the default capacity provider strategy for the cluster is used. Can be one or more. See below.

EnableEcsManagedTags bool

Specifies whether to enable Amazon ECS managed tags for the task.

EnableExecuteCommand bool

Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.

Group string

Specifies an ECS task group for the task. The maximum length is 255 characters.

LaunchType string

Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. Valid values include: EC2, EXTERNAL, or FARGATE.

NetworkConfiguration EventTargetEcsTargetNetworkConfiguration

Use this if the ECS task uses the awsvpc network mode. This specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. Required if launch_type is FARGATE because the awsvpc mode is required for Fargate tasks.

PlacementConstraints []EventTargetEcsTargetPlacementConstraint

An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime). See Below.

PlatformVersion string

Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as 1.1.0. This is used only if LaunchType is FARGATE. For more information about valid platform versions, see AWS Fargate Platform Versions.

PropagateTags string

Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. The only valid value is: TASK_DEFINITION.

Tags map[string]string

A map of tags to assign to ecs resources.

TaskCount int

The number of tasks to create based on the TaskDefinition. Defaults to 1.

taskDefinitionArn String

The ARN of the task definition to use if the event target is an Amazon ECS cluster.

capacityProviderStrategies List<EventTargetEcsTargetCapacityProviderStrategy>

The capacity provider strategy to use for the task. If a capacity_provider_strategy specified, the launch_type parameter must be omitted. If no capacity_provider_strategy or launch_type is specified, the default capacity provider strategy for the cluster is used. Can be one or more. See below.

enableEcsManagedTags Boolean

Specifies whether to enable Amazon ECS managed tags for the task.

enableExecuteCommand Boolean

Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.

group String

Specifies an ECS task group for the task. The maximum length is 255 characters.

launchType String

Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. Valid values include: EC2, EXTERNAL, or FARGATE.

networkConfiguration EventTargetEcsTargetNetworkConfiguration

Use this if the ECS task uses the awsvpc network mode. This specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. Required if launch_type is FARGATE because the awsvpc mode is required for Fargate tasks.

placementConstraints List<EventTargetEcsTargetPlacementConstraint>

An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime). See Below.

platformVersion String

Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as 1.1.0. This is used only if LaunchType is FARGATE. For more information about valid platform versions, see AWS Fargate Platform Versions.

propagateTags String

Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. The only valid value is: TASK_DEFINITION.

tags Map<String,String>

A map of tags to assign to ecs resources.

taskCount Integer

The number of tasks to create based on the TaskDefinition. Defaults to 1.

taskDefinitionArn string

The ARN of the task definition to use if the event target is an Amazon ECS cluster.

capacityProviderStrategies EventTargetEcsTargetCapacityProviderStrategy[]

The capacity provider strategy to use for the task. If a capacity_provider_strategy specified, the launch_type parameter must be omitted. If no capacity_provider_strategy or launch_type is specified, the default capacity provider strategy for the cluster is used. Can be one or more. See below.

enableEcsManagedTags boolean

Specifies whether to enable Amazon ECS managed tags for the task.

enableExecuteCommand boolean

Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.

group string

Specifies an ECS task group for the task. The maximum length is 255 characters.

launchType string

Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. Valid values include: EC2, EXTERNAL, or FARGATE.

networkConfiguration EventTargetEcsTargetNetworkConfiguration

Use this if the ECS task uses the awsvpc network mode. This specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. Required if launch_type is FARGATE because the awsvpc mode is required for Fargate tasks.

placementConstraints EventTargetEcsTargetPlacementConstraint[]

An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime). See Below.

platformVersion string

Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as 1.1.0. This is used only if LaunchType is FARGATE. For more information about valid platform versions, see AWS Fargate Platform Versions.

propagateTags string

Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. The only valid value is: TASK_DEFINITION.

tags {[key: string]: string}

A map of tags to assign to ecs resources.

taskCount number

The number of tasks to create based on the TaskDefinition. Defaults to 1.

task_definition_arn str

The ARN of the task definition to use if the event target is an Amazon ECS cluster.

capacity_provider_strategies Sequence[EventTargetEcsTargetCapacityProviderStrategy]

The capacity provider strategy to use for the task. If a capacity_provider_strategy specified, the launch_type parameter must be omitted. If no capacity_provider_strategy or launch_type is specified, the default capacity provider strategy for the cluster is used. Can be one or more. See below.

enable_ecs_managed_tags bool

Specifies whether to enable Amazon ECS managed tags for the task.

enable_execute_command bool

Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.

group str

Specifies an ECS task group for the task. The maximum length is 255 characters.

launch_type str

Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. Valid values include: EC2, EXTERNAL, or FARGATE.

network_configuration EventTargetEcsTargetNetworkConfiguration

Use this if the ECS task uses the awsvpc network mode. This specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. Required if launch_type is FARGATE because the awsvpc mode is required for Fargate tasks.

placement_constraints Sequence[EventTargetEcsTargetPlacementConstraint]

An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime). See Below.

platform_version str

Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as 1.1.0. This is used only if LaunchType is FARGATE. For more information about valid platform versions, see AWS Fargate Platform Versions.

propagate_tags str

Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. The only valid value is: TASK_DEFINITION.

tags Mapping[str, str]

A map of tags to assign to ecs resources.

task_count int

The number of tasks to create based on the TaskDefinition. Defaults to 1.

taskDefinitionArn String

The ARN of the task definition to use if the event target is an Amazon ECS cluster.

capacityProviderStrategies List<Property Map>

The capacity provider strategy to use for the task. If a capacity_provider_strategy specified, the launch_type parameter must be omitted. If no capacity_provider_strategy or launch_type is specified, the default capacity provider strategy for the cluster is used. Can be one or more. See below.

enableEcsManagedTags Boolean

Specifies whether to enable Amazon ECS managed tags for the task.

enableExecuteCommand Boolean

Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.

group String

Specifies an ECS task group for the task. The maximum length is 255 characters.

launchType String

Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. Valid values include: EC2, EXTERNAL, or FARGATE.

networkConfiguration Property Map

Use this if the ECS task uses the awsvpc network mode. This specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. Required if launch_type is FARGATE because the awsvpc mode is required for Fargate tasks.

placementConstraints List<Property Map>

An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime). See Below.

platformVersion String

Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as 1.1.0. This is used only if LaunchType is FARGATE. For more information about valid platform versions, see AWS Fargate Platform Versions.

propagateTags String

Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. The only valid value is: TASK_DEFINITION.

tags Map<String>

A map of tags to assign to ecs resources.

taskCount Number

The number of tasks to create based on the TaskDefinition. Defaults to 1.

EventTargetEcsTargetCapacityProviderStrategy

CapacityProvider string

Short name of the capacity provider.

Base int

The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. Defaults to 0.

Weight int

The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.

CapacityProvider string

Short name of the capacity provider.

Base int

The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. Defaults to 0.

Weight int

The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.

capacityProvider String

Short name of the capacity provider.

base Integer

The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. Defaults to 0.

weight Integer

The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.

capacityProvider string

Short name of the capacity provider.

base number

The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. Defaults to 0.

weight number

The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.

capacity_provider str

Short name of the capacity provider.

base int

The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. Defaults to 0.

weight int

The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.

capacityProvider String

Short name of the capacity provider.

base Number

The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. Defaults to 0.

weight Number

The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.

EventTargetEcsTargetNetworkConfiguration

Subnets List<string>

The subnets associated with the task or service.

AssignPublicIp bool

Assign a public IP address to the ENI (Fargate launch type only). Valid values are true or false. Defaults to false.

SecurityGroups List<string>

The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used.

Subnets []string

The subnets associated with the task or service.

AssignPublicIp bool

Assign a public IP address to the ENI (Fargate launch type only). Valid values are true or false. Defaults to false.

SecurityGroups []string

The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used.

subnets List<String>

The subnets associated with the task or service.

assignPublicIp Boolean

Assign a public IP address to the ENI (Fargate launch type only). Valid values are true or false. Defaults to false.

securityGroups List<String>

The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used.

subnets string[]

The subnets associated with the task or service.

assignPublicIp boolean

Assign a public IP address to the ENI (Fargate launch type only). Valid values are true or false. Defaults to false.

securityGroups string[]

The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used.

subnets Sequence[str]

The subnets associated with the task or service.

assign_public_ip bool

Assign a public IP address to the ENI (Fargate launch type only). Valid values are true or false. Defaults to false.

security_groups Sequence[str]

The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used.

subnets List<String>

The subnets associated with the task or service.

assignPublicIp Boolean

Assign a public IP address to the ENI (Fargate launch type only). Valid values are true or false. Defaults to false.

securityGroups List<String>

The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used.

EventTargetEcsTargetPlacementConstraint

Type string

Type of constraint. The only valid values at this time are memberOf and distinctInstance.

Expression string

Cluster Query Language expression to apply to the constraint. Does not need to be specified for the distinctInstance type. For more information, see Cluster Query Language in the Amazon EC2 Container Service Developer Guide.

Type string

Type of constraint. The only valid values at this time are memberOf and distinctInstance.

Expression string

Cluster Query Language expression to apply to the constraint. Does not need to be specified for the distinctInstance type. For more information, see Cluster Query Language in the Amazon EC2 Container Service Developer Guide.

type String

Type of constraint. The only valid values at this time are memberOf and distinctInstance.

expression String

Cluster Query Language expression to apply to the constraint. Does not need to be specified for the distinctInstance type. For more information, see Cluster Query Language in the Amazon EC2 Container Service Developer Guide.

type string

Type of constraint. The only valid values at this time are memberOf and distinctInstance.

expression string

Cluster Query Language expression to apply to the constraint. Does not need to be specified for the distinctInstance type. For more information, see Cluster Query Language in the Amazon EC2 Container Service Developer Guide.

type str

Type of constraint. The only valid values at this time are memberOf and distinctInstance.

expression str

Cluster Query Language expression to apply to the constraint. Does not need to be specified for the distinctInstance type. For more information, see Cluster Query Language in the Amazon EC2 Container Service Developer Guide.

type String

Type of constraint. The only valid values at this time are memberOf and distinctInstance.

expression String

Cluster Query Language expression to apply to the constraint. Does not need to be specified for the distinctInstance type. For more information, see Cluster Query Language in the Amazon EC2 Container Service Developer Guide.

EventTargetHttpTarget

HeaderParameters Dictionary<string, string>

Enables you to specify HTTP headers to add to the request.

PathParameterValues List<string>

The list of values that correspond sequentially to any path variables in your endpoint ARN (for example arn:aws:execute-api:us-east-1:123456:myapi/*/POST/pets/*).

QueryStringParameters Dictionary<string, string>

Represents keys/values of query string parameters that are appended to the invoked endpoint.

HeaderParameters map[string]string

Enables you to specify HTTP headers to add to the request.

PathParameterValues []string

The list of values that correspond sequentially to any path variables in your endpoint ARN (for example arn:aws:execute-api:us-east-1:123456:myapi/*/POST/pets/*).

QueryStringParameters map[string]string

Represents keys/values of query string parameters that are appended to the invoked endpoint.

headerParameters Map<String,String>

Enables you to specify HTTP headers to add to the request.

pathParameterValues List<String>

The list of values that correspond sequentially to any path variables in your endpoint ARN (for example arn:aws:execute-api:us-east-1:123456:myapi/*/POST/pets/*).

queryStringParameters Map<String,String>

Represents keys/values of query string parameters that are appended to the invoked endpoint.

headerParameters {[key: string]: string}

Enables you to specify HTTP headers to add to the request.

pathParameterValues string[]

The list of values that correspond sequentially to any path variables in your endpoint ARN (for example arn:aws:execute-api:us-east-1:123456:myapi/*/POST/pets/*).

queryStringParameters {[key: string]: string}

Represents keys/values of query string parameters that are appended to the invoked endpoint.

header_parameters Mapping[str, str]

Enables you to specify HTTP headers to add to the request.

path_parameter_values Sequence[str]

The list of values that correspond sequentially to any path variables in your endpoint ARN (for example arn:aws:execute-api:us-east-1:123456:myapi/*/POST/pets/*).

query_string_parameters Mapping[str, str]

Represents keys/values of query string parameters that are appended to the invoked endpoint.

headerParameters Map<String>

Enables you to specify HTTP headers to add to the request.

pathParameterValues List<String>

The list of values that correspond sequentially to any path variables in your endpoint ARN (for example arn:aws:execute-api:us-east-1:123456:myapi/*/POST/pets/*).

queryStringParameters Map<String>

Represents keys/values of query string parameters that are appended to the invoked endpoint.

EventTargetInputTransformer

InputTemplate string

Template to customize data sent to the target. Must be valid JSON. To send a string value, the string value must include double quotes.

InputPaths Dictionary<string, string>

Key value pairs specified in the form of JSONPath (for example, time = $.time)

  • You can have as many as 100 key-value pairs.
  • You must use JSON dot notation, not bracket notation.
  • The keys can't start with "AWS".
InputTemplate string

Template to customize data sent to the target. Must be valid JSON. To send a string value, the string value must include double quotes.

InputPaths map[string]string

Key value pairs specified in the form of JSONPath (for example, time = $.time)

  • You can have as many as 100 key-value pairs.
  • You must use JSON dot notation, not bracket notation.
  • The keys can't start with "AWS".
inputTemplate String

Template to customize data sent to the target. Must be valid JSON. To send a string value, the string value must include double quotes.

inputPaths Map<String,String>

Key value pairs specified in the form of JSONPath (for example, time = $.time)

  • You can have as many as 100 key-value pairs.
  • You must use JSON dot notation, not bracket notation.
  • The keys can't start with "AWS".
inputTemplate string

Template to customize data sent to the target. Must be valid JSON. To send a string value, the string value must include double quotes.

inputPaths {[key: string]: string}

Key value pairs specified in the form of JSONPath (for example, time = $.time)

  • You can have as many as 100 key-value pairs.
  • You must use JSON dot notation, not bracket notation.
  • The keys can't start with "AWS".
input_template str

Template to customize data sent to the target. Must be valid JSON. To send a string value, the string value must include double quotes.

input_paths Mapping[str, str]

Key value pairs specified in the form of JSONPath (for example, time = $.time)

  • You can have as many as 100 key-value pairs.
  • You must use JSON dot notation, not bracket notation.
  • The keys can't start with "AWS".
inputTemplate String

Template to customize data sent to the target. Must be valid JSON. To send a string value, the string value must include double quotes.

inputPaths Map<String>

Key value pairs specified in the form of JSONPath (for example, time = $.time)

  • You can have as many as 100 key-value pairs.
  • You must use JSON dot notation, not bracket notation.
  • The keys can't start with "AWS".

EventTargetKinesisTarget

PartitionKeyPath string

The JSON path to be extracted from the event and used as the partition key.

PartitionKeyPath string

The JSON path to be extracted from the event and used as the partition key.

partitionKeyPath String

The JSON path to be extracted from the event and used as the partition key.

partitionKeyPath string

The JSON path to be extracted from the event and used as the partition key.

partition_key_path str

The JSON path to be extracted from the event and used as the partition key.

partitionKeyPath String

The JSON path to be extracted from the event and used as the partition key.

EventTargetRedshiftTarget

Database string

The name of the database.

DbUser string

The database user name.

SecretsManagerArn string

The name or ARN of the secret that enables access to the database.

Sql string

The SQL statement text to run.

StatementName string

The name of the SQL statement.

WithEvent bool

Indicates whether to send an event back to EventBridge after the SQL statement runs.

Database string

The name of the database.

DbUser string

The database user name.

SecretsManagerArn string

The name or ARN of the secret that enables access to the database.

Sql string

The SQL statement text to run.

StatementName string

The name of the SQL statement.

WithEvent bool

Indicates whether to send an event back to EventBridge after the SQL statement runs.

database String

The name of the database.

dbUser String

The database user name.

secretsManagerArn String

The name or ARN of the secret that enables access to the database.

sql String

The SQL statement text to run.

statementName String

The name of the SQL statement.

withEvent Boolean

Indicates whether to send an event back to EventBridge after the SQL statement runs.

database string

The name of the database.

dbUser string

The database user name.

secretsManagerArn string

The name or ARN of the secret that enables access to the database.

sql string

The SQL statement text to run.

statementName string

The name of the SQL statement.

withEvent boolean

Indicates whether to send an event back to EventBridge after the SQL statement runs.

database str

The name of the database.

db_user str

The database user name.

secrets_manager_arn str

The name or ARN of the secret that enables access to the database.

sql str

The SQL statement text to run.

statement_name str

The name of the SQL statement.

with_event bool

Indicates whether to send an event back to EventBridge after the SQL statement runs.

database String

The name of the database.

dbUser String

The database user name.

secretsManagerArn String

The name or ARN of the secret that enables access to the database.

sql String

The SQL statement text to run.

statementName String

The name of the SQL statement.

withEvent Boolean

Indicates whether to send an event back to EventBridge after the SQL statement runs.

EventTargetRetryPolicy

MaximumEventAgeInSeconds int

The age in seconds to continue to make retry attempts.

MaximumRetryAttempts int

maximum number of retry attempts to make before the request fails

MaximumEventAgeInSeconds int

The age in seconds to continue to make retry attempts.

MaximumRetryAttempts int

maximum number of retry attempts to make before the request fails

maximumEventAgeInSeconds Integer

The age in seconds to continue to make retry attempts.

maximumRetryAttempts Integer

maximum number of retry attempts to make before the request fails

maximumEventAgeInSeconds number

The age in seconds to continue to make retry attempts.

maximumRetryAttempts number

maximum number of retry attempts to make before the request fails

maximum_event_age_in_seconds int

The age in seconds to continue to make retry attempts.

maximum_retry_attempts int

maximum number of retry attempts to make before the request fails

maximumEventAgeInSeconds Number

The age in seconds to continue to make retry attempts.

maximumRetryAttempts Number

maximum number of retry attempts to make before the request fails

EventTargetRunCommandTarget

Key string

Can be either tag:tag-key or InstanceIds.

Values List<string>

If Key is tag:tag-key, Values is a list of tag values. If Key is InstanceIds, Values is a list of Amazon EC2 instance IDs.

Key string

Can be either tag:tag-key or InstanceIds.

Values []string

If Key is tag:tag-key, Values is a list of tag values. If Key is InstanceIds, Values is a list of Amazon EC2 instance IDs.

key String

Can be either tag:tag-key or InstanceIds.

values List<String>

If Key is tag:tag-key, Values is a list of tag values. If Key is InstanceIds, Values is a list of Amazon EC2 instance IDs.

key string

Can be either tag:tag-key or InstanceIds.

values string[]

If Key is tag:tag-key, Values is a list of tag values. If Key is InstanceIds, Values is a list of Amazon EC2 instance IDs.

key str

Can be either tag:tag-key or InstanceIds.

values Sequence[str]

If Key is tag:tag-key, Values is a list of tag values. If Key is InstanceIds, Values is a list of Amazon EC2 instance IDs.

key String

Can be either tag:tag-key or InstanceIds.

values List<String>

If Key is tag:tag-key, Values is a list of tag values. If Key is InstanceIds, Values is a list of Amazon EC2 instance IDs.

EventTargetSqsTarget

MessageGroupId string

The FIFO message group ID to use as the target.

MessageGroupId string

The FIFO message group ID to use as the target.

messageGroupId String

The FIFO message group ID to use as the target.

messageGroupId string

The FIFO message group ID to use as the target.

message_group_id str

The FIFO message group ID to use as the target.

messageGroupId String

The FIFO message group ID to use as the target.

Import

EventBridge Targets can be imported using event_bus_name/rule-name/target-id (if you omit event_bus_name, the default event bus will be used).

 $ pulumi import aws:cloudwatch/eventTarget:EventTarget test-event-target rule-name/target-id

Package Details

Repository
AWS Classic pulumi/pulumi-aws
License
Apache-2.0
Notes

This Pulumi package is based on the aws Terraform Provider.