Using Amazon CloudWatch Events and Amazon Lambda with Amazon SMS - Amazon Server Migration Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Product update

We recommend Amazon Application Migration Service (Amazon MGN) as the primary migration service for lift-and-shift migrations. If Amazon MGN is unavailable in a specific Amazon Region, you can use the Amazon SMS APIs through March 2023.

Using Amazon CloudWatch Events and Amazon Lambda with Amazon SMS

You can use Amazon CloudWatch Events with Amazon Server Migration Service to automate actions based on your migration workflow. This requires you to create an IAM policy for Lambda to assume, a Lambda function to handle the event, and a CloudWatch Events rule that matches incoming events and routes them to the Lambda function.

Handling CloudWatch Events rules for Amazon SMS

The following procedure uses an Amazon Lambda function to monitor Amazon SMS job state changes and launches an Amazon EC2 instance whenever an AMI ID has been created.

To create a Lambda function that monitors job state changes

  1. Open the IAM console at

  2. Create an IAM policy to provide permissions to execute an action (called by Lambda) and to write to the CloudWatch log when invoked by CloudWatch Events. The following example provides permissions to execute a RunInstances action. Assign the policy to the IAM role of the user that will handle the CloudWatch event.

    { "Version":"2012-10-17", "Statement":[ { "Effect":"Allow", "Action":[ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents" ], "Resource":"arn:aws:logs:*:*:*" }, { "Effect":"Allow", "Action":[ "ec2:RunInstances" ], "Resource":"*" } ] }
  3. Open the Amazon Lambda console at

  4. Choose Create function.

  5. To ensure that your Lambda function is available from the CloudWatch console, create it in the region where the CloudWatch event will occur. For more information, see the Amazon Lambda Developer Guide. Name the function LaunchInstanceFromAMI and select Python 2.7 as the runtime.

  6. For Role, select Choose an existing role. Under Existing role, in the list of available roles, choose the role to which you added your policy.

  7. Choose Create function and define a Lambda function similar to the one below. This sample function, written in Python 2.7, is invoked by CloudWatch Events when an Amazon SMS job completion sends an event with an AMI ID. When invoked, it launches a t2.micro instance in the region of the event.

    # Sample Lambda function to launch an EC2 instance from all AMI ID's created from a # Server Migration Service replication job import boto3 # main function def lambda_handler(event, context): # create an ec2 client ec2 = boto3.client('ec2', region_name=event['region']) # match any event that returns an ami-id if 'ami-id' in event['detail']: imageId = event['detail']['ami-id'] # launch instance from the AMI ID ec2.run_instances( ImageId=imageId, MaxCount=123, MinCount=1, InstanceType='t2.micro' ) print 'launched instance with ami id: ' + imageId else: print 'did not launch instance'
  8. Open the CloudWatch console at

  9. Choose Events, Create rule. For Service Name, choose Server Migration Service (SMS). For Event Type, choose Server Migration Job State Change.

  10. Choose Target, Add Target.

  11. For Lambda function, select the Lambda function that you previously created and choose Configure details.

  12. On the Configure rule details page, type values for Name and Description. Select the State check box to activate the function (setting it to Enabled).

  13. Choose Create rule.

Your rule should now appear on the Rules tab. In the example shown, the configured event should launch an EC2 instance each time that you receive an AMI ID.