Amazon EventBridge support for ACM - Amazon Certificate Manager
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Amazon EventBridge support for ACM

This topic lists and describes the ACM related events supported by Amazon EventBridge.

Amazon health events

ACM generates Amazon health events in response to changes in the state of a certificate.

One of the following event type codes is included with each event. The codes are exposed as variables that you can use for filtering.

  • AWS_ACM_RENEWAL_STATE_CHANGE (the certificate has been renewed, has expired, or is due to expire)

  • CAA_CHECK_FAILURE (CAA check failed)

  • AWS_ACM_RENEWAL_FAILURE (for certificates signed by a private CA)

Health events have the following structure. In this example, an AWS_ACM_RENEWAL_STATE_CHANGE event has been generated.

{ "source":[ "aws.health" ], "detail-type":[ "AWS Health Event" ], "detail":{ "service":[ "ACM" ], "eventTypeCategory":[ "scheduledChange" ], "eventTypeCode":[ "AWS_ACM_RENEWAL_STATE_CHANGE" ] } }

ACM expiration events

Certificates generated by ACM renew automatically, but imported certificates need to be re-issued and re-imported into ACM prior to expiration to avoid outages. ACM expiration events are generated to provide notice of approaching expiration.

Expiration events have the following structure.

{ "version": "0", "id": "9c95e8e4-96a4-ef3f-b739-b6aa5b193afb", "detail-type": "ACM Certificate Approaching Expiration", "source": "aws.acm", "account": "123456789012", "time": "2020-09-30T06:51:08Z", "region": "us-east-1", "resources": [ "arn:aws:acm:us-east-1:123456789012:certificate/61f50cd4-45b9-4259-b049-d0a53682fa4b" ], "detail": { "DaysToExpiry": 31, "CommonName": "My Awesome Service" } }