
Using Route 53 ARC with Amazon EventBridge

Using Amazon EventBridge, you can set up event-driven rules that monitor your Amazon Route 53 Application Recovery Controller resources and initiate target actions that use other Amazon services. For example, you can set a rule for sending out email notifications by signaling an Amazon SNS topic when a practice run starts for zonal autoshift, or when a readiness check status changes from READY to NOT READY.

Note

For readiness check, Route 53 ARC only publishes EventBridge events in the US West (Oregon) (us-west-2) Amazon Region. To receive EventBridge events for readiness check, create EventBridge rules in the US West (Oregon) Region.

You can create rules in Amazon EventBridge to act on any of the following Route 53 ARC events:

  • Zonal shift and zonal autoshift. The event specifies status information about practice run zonal shifts and autoshifts, for example, when a practice run is in progress.

  • Recovery group readiness. The event specifies if recovery group readiness status changes, for example, from READY to NOT READY.

  • Cell readiness. The event specifies if cell readiness status changes, for example, from READY to NOT READY.

  • Readiness check readiness. The event specifies if readiness check status changes, for example, from READY to NOT READY.

To capture specific Route 53 ARC events that you're interested in, define event-specific patterns that EventBridge can use to detect the events. Event patterns have the same structure as the events that they match. The pattern quotes the fields that you want to match and provides the values that you're looking for.

Events are emitted on a best-effort basis. They're delivered from Route 53 ARC to EventBridge in near real time under normal operational circumstances. However, situations can arise that might delay or prevent delivery of an event.

For information about how EventBridge rules work with event patterns, see Events and Event Patterns in EventBridge.

Monitor a Route 53 ARC resource with EventBridge

With EventBridge, you can create rules that define actions to take when Route 53 ARC emits events for its resources. For example, you can create a rule that sends you an email message when Route 53 ARC starts a practice run for zonal autoshift.

To type or copy and paste an event pattern into the EventBridge console, choose the Enter my own option in the console. To help you determine event patterns that might be useful for you, this topic includes examples of both Route 53 ARC event-matching patterns and Route 53 ARC events that you can use.

To create a rule for a resource event
  1. Open the Amazon EventBridge console at https://console.amazonaws.cn/events/.

  2. Choose the Amazon Web Services Region that you want to create the rule in. For readiness events, choose US West (Oregon). For other events, choose the Region that you're interested in watching events for.

  3. Choose Create rule.

  4. Enter a Name for the rule, and, optionally, a description.

  5. For Event bus, leave the default value, default.

  6. Choose Next.

  7. For the Build event pattern step, for Event source, leave the default value, Amazon events.

  8. Under Sample event, choose Enter my own.

  9. For Sample events, type or copy and paste an event pattern.

Example Route 53 ARC event patterns

Event patterns have the same structure as the events that they match. The pattern quotes the fields that you want to match and provides the values that you're looking for.

You can copy and paste event patterns from this section into EventBridge to create rules that you can use to monitor Route 53 ARC actions and resources.

Zonal autoshift event pattern examples

This section includes examples of event patterns that you might use in EventBridge for the zonal autoshift capability in Route 53 ARC.

When you create event patterns for zonal autoshift events, you can specify any of the following for the detail-type:

  • Autoshift In Progress

  • Autoshift Completed

  • Practice Run Started

  • Practice Run Succeeded

  • Practice Run Interrupted

  • Practice Run Failed

When a practice run is interrupted, for more information about what caused the interruption, see the additionalFailureInfo field.

To learn more about zonal autoshift, including practice runs, see Zonal autoshift in Amazon Route 53 Application Recovery Controller.

  • Select all events from Route 53 ARC zonal autoshift.

    { "source": [ "aws.arc-zonal-shift" ] }
  • Select all events from Route 53 ARC zonal autoshift where a practice run has started.

    { "source": [ "aws.arc-zonal-shift" ], "detail-type": [ "Practice Run Started" ] }
  • Select all events from Route 53 ARC zonal autoshift where a practice run has failed.

    { "source": [ "aws.arc-zonal-shift" ], "detail-type": [ "Practice Run Failed" ] }

Readiness check event pattern examples

The following event patterns provide examples that you might use in EventBridge for the readiness check capability in Route 53 ARC.

  • Select all events from Route 53 ARC readiness check.

    { "source": [ "aws.route53-recovery-readiness" ] }
  • Select only events related to cells.

    { "source": [ "aws.route53-recovery-readiness" ], "detail-type": [ "Route 53 Application Recovery Controller cell readiness status change" ] }
  • Select only events related to a specific cell called MyExampleCell.

    { "source": [ "aws.route53-recovery-readiness" ], "detail-type": [ "Route 53 Application Recovery Controller cell readiness status change" ], "resources": [ "arn:aws:route53-recovery-readiness::111122223333:cell/MyExampleCell" ] }
  • Select only events when any recovery group, cell, or readiness check status becomes NOT READY.

    { "source": [ "aws.route53-recovery-readiness" ], "detail": { "new-state": { "readiness-status": [ "NOT_READY" ] } } }
  • Select only events when any recovery group, cell, or readiness check becomes anything except READY.

    { "source":[ "aws.route53-recovery-readiness" ], "detail":{ "new-state":{ "readiness-status":[ { "anything-but":"READY" } ] } } }

Example Route 53 ARC events

The following is an example Route 53 ARC event for a zonal autoshift action:

{
  "version": "0",
  "id": "05d4d2d5-9c76-bfea-72d2-d4614802adb4",
  "detail-type": "Practice Run Interrupted",
  "source": "aws.arc-zonal-shift",
  "account": "111122223333",
  "time": "2023-11-16T23:38:14Z",
  "region": "us-east-1",
  "resources": [
    "TEST-EXAMPLE-2023-11-16-23-28-11-5"
  ],
  "detail": {
    "version": "0.0.1",
    "data": {
      "additionalFailureInfo": "Practice run interrupted. The blocking alarm entered ALARM state."
    },
    "metadata": {
      "awayFrom": "use1-az2"
    }
  }
}

The following is an example Route 53 ARC event for a recovery group readiness status change:

{
  "version": "0",
  "account": "111122223333",
  "detail-type": "Route 53 Application Recovery Controller recovery group readiness status change",
  "source": "route53-recovery-readiness.amazonaws.com",
  "time": "2020-11-03T00:31:54Z",
  "id": "1234a678-1b23-c123-12fd3f456e78",
  "region": "us-west-2",
  "resources": [
    "arn:aws:route53-recovery-readiness::111122223333:recovery-group/BillingApp"
  ],
  "detail": {
    "recovery-group-name": "BillingApp",
    "previous-state": {
      "readiness-status": "READY|NOT_READY|UNKNOWN|NOT_AUTHORIZED"
    },
    "new-state": {
      "readiness-status": "READY|NOT_READY|UNKNOWN|NOT_AUTHORIZED"
    }
  }
}

The following is an example Route 53 ARC event for a cell readiness status change:

{
  "version": "0",
  "account": "111122223333",
  "detail-type": "Route 53 Application Recovery Controller cell readiness status change",
  "source": "route53-recovery-readiness.amazonaws.com",
  "time": "2020-11-03T00:31:54Z",
  "id": "1234a678-1b23-c123-12fd3f456e78",
  "region": "us-west-2",
  "resources": [
    "arn:aws:route53-recovery-readiness::111122223333:cell/PDXCell"
  ],
  "detail": {
    "cell-name": "PDXCell",
    "previous-state": {
      "readiness-status": "READY|NOT_READY|UNKNOWN|NOT_AUTHORIZED"
    },
    "new-state": {
      "readiness-status": "READY|NOT_READY|UNKNOWN|NOT_AUTHORIZED"
    }
  }
}

The following is an example Route 53 ARC event for a readiness check status change:

{
  "version": "0",
  "account": "111122223333",
  "detail-type": "Route 53 Application Recovery Controller readiness check status change",
  "source": "route53-recovery-readiness.amazonaws.com",
  "time": "2020-11-03T00:31:54Z",
  "id": "1234a678-1b23-c123-12fd3f456e78",
  "region": "us-west-2",
  "resources": [
    "arn:aws:route53-recovery-readiness::111122223333:readiness-check/UserTableReadinessCheck"
  ],
  "detail": {
    "readiness-check-name": "UserTableReadinessCheck",
    "previous-state": {
      "readiness-status": "READY|NOT_READY|UNKNOWN|NOT_AUTHORIZED"
    },
    "new-state": {
      "readiness-status": "READY|NOT_READY|UNKNOWN|NOT_AUTHORIZED"
    }
  }
}
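
The readiness-status patterns and event shapes above can be exercised offline before a rule is created. The following is an added example, not AWS code: a simplified Python model of EventBridge matching, run over constructed cell events to show which status values each pattern selects. The helper names `matches`, `constructed_event`, and `matched_statuses` are hypothetical, and the model covers only the pattern features used on this page.

```python
# Simplified offline model of EventBridge matching (added example, not AWS code).
# Covers only: value lists, nested objects, array-valued event fields, and
# "anything-but" with a single string.
def _leaf(alt, value):
    if isinstance(alt, dict) and "anything-but" in alt:
        return value != alt["anything-but"]
    return value == alt

def matches(pattern, event):
    """True if every field named in the pattern is present and matches."""
    for key, rule in pattern.items():
        if key not in event:
            return False
        value = event[key]
        if isinstance(rule, dict):  # nested object: recurse into the event
            if not isinstance(value, dict) or not matches(rule, value):
                return False
        else:  # list of alternatives; an array field matches on any element
            values = value if isinstance(value, list) else [value]
            if not any(_leaf(alt, v) for alt in rule for v in values):
                return False
    return True

# Source as written in the page's patterns. The page's sample events show a
# different source string, so confirm the value against a delivered event.
SOURCE = "aws.route53-recovery-readiness"
NOT_READY_ONLY = {"source": [SOURCE],
                  "detail": {"new-state": {"readiness-status": ["NOT_READY"]}}}
ANYTHING_BUT_READY = {"source": [SOURCE], "detail": {
    "new-state": {"readiness-status": [{"anything-but": "READY"}]}}}
# Constructed slip: the status filter nested under "detail-type", which is a
# plain string in every event, so the filter has nothing to descend into.
MISPLACED = {"source": [SOURCE],
             "detail-type": {"new-state": {"readiness-status": ["NOT_READY"]}}}
STATUSES = ["READY", "NOT_READY", "UNKNOWN", "NOT_AUTHORIZED"]

def constructed_event(status, source=SOURCE):
    """Constructed cell event shaped like the page's sample (values invented)."""
    return {"source": source, "region": "us-west-2",
            "detail-type": "Route 53 Application Recovery Controller "
                           "cell readiness status change",
            "resources": ["arn:aws:route53-recovery-readiness::111122223333:cell/MyExampleCell"],
            "detail": {"cell-name": "MyExampleCell",
                       "new-state": {"readiness-status": status}}}

def matched_statuses(pattern, source=SOURCE):
    return [s for s in STATUSES if matches(pattern, constructed_event(s, source))]

if __name__ == "__main__":
    for name in ("NOT_READY_ONLY", "ANYTHING_BUT_READY", "MISPLACED"):
        print(name, matched_statuses(globals()[name]))
```

The anything-but form also selects UNKNOWN and NOT_AUTHORIZED transitions, which a rule that matches only NOT_READY never delivers to its target.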

Specify a CloudWatch log group to use as a target

When you create an EventBridge rule, you must specify the target where events that are matched to the rule are sent. For a list of available targets for EventBridge, see Targets available in the EventBridge console. One of the targets that you can add to an EventBridge rule is an Amazon CloudWatch log group. This section describes the requirements for adding CloudWatch log groups as targets, and provides a procedure for adding a log group when you create a rule.

To add a CloudWatch log group as a target, you can do one of the following:

  • Create a new log group

  • Choose an existing log group

If you specify a new log group using the console when you create a rule, EventBridge automatically creates the log group for you. Make sure that the log group that you use as a target for the EventBridge rule starts with /aws/events. If you want to choose an existing log group, be aware that only log groups that start with /aws/events appear as options in the drop-down menu. For more information, see Create a new log group in the Amazon CloudWatch User Guide.

If you create or use a CloudWatch log group as a target by using CloudWatch operations outside of the console, make sure that you set permissions correctly. If you use the console to add a log group to an EventBridge rule, then the resource-based policy for the log group is updated automatically. But if you use the Amazon Command Line Interface or an Amazon SDK to specify a log group, then you must update the resource-based policy for the log group. The following example policy illustrates the permissions that you must define in a resource-based policy for the log group:

{
  "Statement": [
    {
      "Action": [
        "logs:CreateLogStream",
        "logs:PutLogEvents"
      ],
      "Effect": "Allow",
      "Principal": {
        "Service": [
          "events.amazonaws.com",
          "delivery.logs.amazonaws.com"
        ]
      },
      "Resource": "arn:aws:logs:region:account:log-group:/aws/events/*:*",
      "Sid": "TrustEventsToStoreLogEvent"
    }
  ],
  "Version": "2012-10-17"
}

You can't configure a resource-based policy for a log group by using the console. To add the required permissions to a resource-based policy, use the CloudWatch PutResourcePolicy API operation. Then, you can use the describe-resource-policies CLI command to check that your policy was applied correctly.
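
One way to check the output of describe-resource-policies against the example policy above, as an added example that is not AWS code: the Python function below reports statements that trust events.amazonaws.com but lack one of the two required actions or are not scoped to log groups under /aws/events. The function names, the policy name, and the sample outputs are constructed for illustration.

```python
import json

REQUIRED_ACTIONS = {"logs:CreateLogStream", "logs:PutLogEvents"}
EVENTS_PRINCIPAL = "events.amazonaws.com"
LOG_GROUP_PREFIX = ":log-group:/aws/events/"

def _as_set(value):
    return set(value) if isinstance(value, list) else {value}

def check_log_group_policy(describe_output):
    """Return findings for describe-resource-policies output; [] means OK."""
    findings, trusted = [], False
    for policy in describe_output.get("resourcePolicies", []):
        document = json.loads(policy["policyDocument"])  # delivered as a string
        for stmt in document.get("Statement", []):
            principal = stmt.get("Principal")
            services = (_as_set(principal.get("Service", []))
                        if isinstance(principal, dict) else set())
            if stmt.get("Effect") != "Allow" or EVENTS_PRINCIPAL not in services:
                continue
            trusted = True
            name = f'{policy["policyName"]}/{stmt.get("Sid", "<no Sid>")}'
            actions = _as_set(stmt.get("Action", []))
            missing = REQUIRED_ACTIONS - actions
            if actions & {"*", "logs:*"}:
                findings.append(f"{name}: wildcard action, broader than the example")
            elif missing:
                findings.append(f"{name}: missing {sorted(missing)}")
            for resource in _as_set(stmt.get("Resource", [])):
                if LOG_GROUP_PREFIX not in resource:
                    findings.append(f"{name}: resource {resource} not scoped to /aws/events")
    if not trusted:
        findings.append(f"no Allow statement for {EVENTS_PRINCIPAL}")
    return findings

def constructed_output(actions, resource):
    """Constructed describe-resource-policies output (all values invented)."""
    doc = {"Version": "2012-10-17", "Statement": [{
        "Sid": "TrustEventsToStoreLogEvent", "Effect": "Allow",
        "Principal": {"Service": [EVENTS_PRINCIPAL, "delivery.logs.amazonaws.com"]},
        "Action": actions, "Resource": resource}]}
    return {"resourcePolicies": [{"policyName": "ExamplePolicy",
                                  "policyDocument": json.dumps(doc)}]}

GOOD = constructed_output(["logs:CreateLogStream", "logs:PutLogEvents"],
                          "arn:aws:logs:us-west-2:111122223333:log-group:/aws/events/*:*")
BAD = constructed_output(["logs:PutLogEvents"], "*")

if __name__ == "__main__":
    print(check_log_group_policy(GOOD), check_log_group_policy(BAD))
```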

To create a rule for a resource event and specify a CloudWatch log group target
  1. Open the Amazon EventBridge console at https://console.amazonaws.cn/events/.

  2. Choose the Amazon Web Services Region that you want to create the rule in.

  3. Choose Create rule and then enter any information about that rule, such as the event pattern or schedule details.

    For more information about creating EventBridge rules for Route 53 ARC, see Monitor a Route 53 ARC resource with EventBridge.

  4. On the Select target page, choose CloudWatch as your target.

  5. Choose a CloudWatch log group from the drop-down menu.