Amazon EventBridge

  • Amazon EventBridge is a serverless event bus service that makes it easy to connect applications with data from a variety of sources.
  • EventBridge enables building loosely coupled and distributed event-driven architectures.
  • EventBridge provides a simple and consistent way to ingest, filter, transform, and deliver events so you can build new applications quickly.
  • EventBridge delivers a stream of real-time data from applications, SaaS applications, and AWS services, and routes that data to targets such as AWS Lambda.
  • EventBridge supports routing rules to determine where to send the data to build application architectures that react in real-time to all of the data sources.
  • EventBridge supports event buses for many-to-many routing of events between event-driven services.
  • EventBridge provides Pipes for point-to-point integrations between sources and targets, with support for advanced transformations and enrichment.
  • EventBridge provides Scheduler for creating, running, and managing scheduled tasks at scale.
  • EventBridge provides schemas, which define the structure of events, for all events that are generated by AWS services.
  • EventBridge extends its predecessor, Amazon CloudWatch Events, and provides a near real-time stream of system events that describe changes to AWS resources.
  • EventBridge is directly integrated with over 200 event sources and over 20 targets.

EventBridge Components

  • EventBridge receives an event on an event bus and applies a rule to route the event to a target.
  • Event sources
    • An event source is used to ingest events from AWS services, applications, or SaaS partners.
    • EventBridge is natively integrated with SaaS applications including Shopify, BuildKite, Datadog, OneLogin, PagerDuty, Saviynt, Segment, Stripe, Zendesk, and many others.
  • Events
    • An event is a real-time indicator of a change in the environment such as an AWS environment, a SaaS partner service or application, or one of your applications or services.
    • All events are associated with an event bus.
    • Events are represented as JSON objects and they all have a similar structure and the same top-level fields.
    • Contents of the detail top-level field are different depending on which service generated the event and what the event is.
    • An event pattern defines the event structure and the fields that a rule matches.
  • Event buses
    • An event bus is a pipeline that receives events.
    • Each account has a default event bus that receives events from AWS services. Custom event buses can be created to send or receive events from a different account or Region.
    • Partner event buses can be created to receive events from SaaS partner applications.
  • Rules
    • Rules associated with the event bus evaluate events as they arrive.
    • Rules match incoming events to targets based either on the structure of the event, called an event pattern, or on a schedule.
    • Each rule checks whether an event matches the rule’s criteria.
    • A single rule can send an event to multiple targets, which then run in parallel.
    • Up to five targets can be defined for each rule.
    • Rules that are based on a schedule perform an action at regular intervals.
  • Targets
    • A target is a resource or endpoint that EventBridge sends an event to when the event matches the event pattern defined for a rule.
    • The rule processes the event data and sends the relevant information to the target.
    • EventBridge needs permission to access the target resource to be able to deliver event data to the target.
    • Supported targets include AWS Lambda, Amazon SQS, Amazon SNS, AWS Step Functions, Amazon Kinesis Data Streams, Amazon Kinesis Data Firehose, and more.
    • EventBridge also supports API Destinations as targets for sending events to any HTTPS endpoint.
  • EventBridge allows events to be archived and replayed later.
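
How a rule's event pattern is evaluated against an event, as an added example that is not code from this page or from AWS: a simplified local matcher covering literal values plus the `exists`, `prefix` and `anything-but` operators, run on a constructed CloudTrail-style event. The account id, user names and the function names `matches` and `_leaf_matches` are assumptions made for the illustration.

```python
import json

# Constructed sample event (placeholder ids) with the common top-level fields.
SAMPLE_EVENT = json.loads("""{
  "version": "0", "id": "00000000-0000-0000-0000-000000000000",
  "detail-type": "AWS API Call via CloudTrail", "source": "aws.iam",
  "account": "111122223333", "time": "2024-01-01T00:00:00Z",
  "region": "us-east-1", "resources": [],
  "detail": {"eventSource": "iam.amazonaws.com", "eventName": "CreateUser",
             "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example-admin"}}
}""")

# Every listed field must match (AND); any one value in a field's array is enough (OR).
CREATE_USER_PATTERN = {
    "source": ["aws.iam"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {"eventSource": ["iam.amazonaws.com"], "eventName": ["CreateUser"]},
}

def _leaf_matches(candidates, value, present):
    """True if the event value satisfies any candidate in the pattern array."""
    for cand in candidates:
        if not isinstance(cand, dict):            # literal: exact match only
            if present and cand == value:
                return True
        elif "exists" in cand:                    # field presence or absence
            if cand["exists"] == present:
                return True
        elif "prefix" in cand:
            if isinstance(value, str) and value.startswith(cand["prefix"]):
                return True
        elif "anything-but" in cand:              # present and not in the deny list
            banned = cand["anything-but"]
            if present and value not in (banned if isinstance(banned, list) else [banned]):
                return True
    return False

def matches(pattern, event):
    """Simplified local matcher: literals, exists, prefix, anything-but."""
    for key, cond in pattern.items():
        present, value = key in event, event.get(key)
        if isinstance(cond, dict):                # nested object: recurse
            if not (isinstance(value, dict) and matches(cond, value)):
                return False
        else:
            values = value if isinstance(value, list) and value else [value]
            if not any(_leaf_matches(cond, v, present) for v in values):
                return False
    return True
```

Adding `"errorCode": [{"exists": False}]` under `detail` narrows the rule to calls that succeeded, since CloudTrail records `errorCode` only on failed requests.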

EventBridge Pipes

  • EventBridge Pipes is a serverless integration resource for building point-to-point integrations between event producers and consumers.
  • Pipes provide a simpler and more consistent way to integrate sources with targets without writing additional code.
  • Pipes support four sequential stages: Source → Filter → Enrichment → Target.
  • Supported sources include Amazon DynamoDB Streams, Amazon Kinesis Data Streams, Amazon MQ, Amazon MSK, Apache Kafka, and Amazon SQS.
  • Supported targets include over 14 AWS services including Lambda, Step Functions, SQS, SNS, Kinesis Data Streams, Kinesis Data Firehose, EventBridge event buses, and API destinations.
  • Filtering enables processing only a targeted subset of events using event patterns.
  • Enrichment allows enhancing data by calling Lambda, Step Functions, API Gateway, or API destinations before sending to the target.
  • Pipes support logging to Amazon CloudWatch Logs, Amazon S3, and Amazon Kinesis Data Firehose for improved observability.
  • Pricing is based on events processed at $0.40 per million events.

EventBridge Scheduler

  • Amazon EventBridge Scheduler is a serverless scheduler that allows creating, running, and managing scheduled tasks at scale.
  • EventBridge Scheduler can schedule tens of millions of one-time or recurring tasks across many AWS services without provisioning or managing underlying infrastructure.
  • Scheduler is highly customizable and offers improved scalability over EventBridge scheduled rules, with a wider set of target API operations and AWS services.
  • Supports three schedule types:
    • Rate-based schedules – run at regular intervals (e.g., every 5 minutes).
    • Cron-based schedules – run at specific times using cron expressions.
    • One-time schedules – run once at a specific date and time.
  • Can invoke over 200 AWS services as targets using the universal target (any AWS API).
  • Supports flexible time windows for delivery, retry limits, and maximum retention time for failed API invocations.
  • Supports schedule groups for organizing and managing related schedules.
  • Supports automatic deletion – EventBridge Scheduler automatically deletes the schedule after its last target invocation.
  • Scheduler provides independent functionality from event buses and rules.

EventBridge Global Endpoints

  • Global endpoints provide an easier and more reliable way to improve the availability of event-driven applications.
  • Global endpoints automatically fail over event ingestion to a secondary Region during service disruptions without manual intervention.
  • Event replication (optional) is built-in to send all custom events to event buses in both primary and secondary Regions using managed rules.
  • Uses Amazon Route 53 health checks (backed by CloudWatch Alarms) to determine when to fail over and when to route events back to the primary Region.
  • Minimizes data loss during service disruptions.
  • Reduces operational burden with automatic failover and recovery capability.

EventBridge Schema Registry

  • Schema Registry stores event schemas in a shared central location that developers can easily search and access.
  • Schemas for AWS services are automatically available in the registry.
  • Schema Discovery can be enabled on an event bus to automatically detect and add schemas for all events flowing through the bus.
  • Supports cross-account event discovery.
  • Schema Registry can generate code bindings for Java, Python, and TypeScript, allowing events to be used as objects in code.
  • Schemas are stored in OpenAPI or JSONSchema formats.
  • Schema Discovery does not support events larger than 1000 KiB.

EventBridge API Destinations

  • API Destinations enable sending events to any web-based application with an HTTPS endpoint without writing custom code.
  • Supports routing events to on-premises, SaaS, and third-party applications.
  • Provides built-in authentication support (Basic, OAuth, API Key).
  • Supports rate limiting to control throughput to the destination.
  • Uses connections to define authorization methods, credentials, and network connectivity.
  • Supports integration with private APIs powered by AWS PrivateLink and Amazon VPC Lattice (announced December 2024), enabling secure connectivity to private resources across VPCs, accounts, and on-premises environments.
  • Supports input transformations to map event format to the receiving service format.

Event Archive and Replay

  • EventBridge allows events to be archived for later replay.
  • Event Replay enables reprocessing past events back to an event bus or a specific rule.
  • Useful for debugging applications, hydrating targets with historic events, and recovering from errors.
  • Events can be stored for compliance requirements.

EventBridge Enhanced Logging

  • Enhanced logging (launched July 2025) enables monitoring and debugging event-driven applications with comprehensive logs.
  • Supports logging to Amazon CloudWatch Logs, Amazon S3, and Amazon Kinesis Data Firehose.
  • Logs results from rule matching, errors, and target invocations for event buses.
  • Helps track event lifecycles and gain deeper insights into event processing.

EventBridge Data Plane CloudTrail Logging

  • EventBridge supports logging data plane APIs using AWS CloudTrail (announced May 2026).
  • Enables greater visibility into event bus activity, including PutEvents API calls.
  • The feature is opt-in and provides enhanced security auditing and operational troubleshooting capabilities.
  • Additional charges apply for CloudTrail data events.

EventBridge Enhanced Visual Rule Builder

  • EventBridge introduced an enhanced visual rule builder (November 2025) with a drag-and-drop console-based interface.
  • Includes a comprehensive event catalog for discovering and subscribing to events from custom applications and over 200 AWS services.
  • Simplifies the process of creating rules by providing a visual canvas for building rules and targets.

EventBridge Security and Compliance

  • Integrates with AWS IAM for controlling access to resources.
  • Supports VPC endpoints via AWS PrivateLink.
  • Encryption in transit using TLS 1.2.
  • GDPR, SOC, ISO, DoD CC SRG, and FedRAMP compliant.
  • HIPAA eligible.
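
One way to review who may publish to a bus that accepts cross-account events, as an added example that is not code from this page or from AWS: it audits the bus's resource-based policy (the `Policy` JSON string that `describe-event-bus` returns) for `events:PutEvents` grants that are open to any principal without an `aws:PrincipalOrgID` condition, or that name an account outside an expected list. The sample policy, account ids, organization id, bus name and the function name `audit_bus_policy` are assumptions.

```python
import json

# Constructed sample bus policy; account ids, org id and bus name are placeholders.
BUS = "arn:aws:events:us-east-1:111122223333:event-bus/example-bus"
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "OrgWide", "Effect": "Allow", "Principal": "*",
     "Action": "events:PutEvents", "Resource": BUS,
     "Condition": {"StringEquals": {"aws:PrincipalOrgID": "o-exampleorgid"}}},
    {"Sid": "Partner", "Effect": "Allow", "Action": "events:PutEvents",
     "Principal": {"AWS": "arn:aws:iam::444455556666:root"}, "Resource": BUS},
    {"Sid": "Everyone", "Effect": "Allow", "Action": "events:*",
     "Principal": {"AWS": "*"}, "Resource": BUS},
]})
EXPECTED_PUBLISHERS = {"111122223333"}  # assumption: accounts allowed to publish

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _org_scoped(statement):
    # True when a positive condition restricts callers by aws:PrincipalOrgID.
    for op, operands in statement.get("Condition", {}).items():
        if "not" not in op.lower() and any(
                key.lower() == "aws:principalorgid" for key in operands):
            return True
    return False

def audit_bus_policy(policy_json, expected_publishers):
    """Return (Sid, finding) pairs for Allow statements with unexpected publishers."""
    findings = []
    for st in _as_list(json.loads(policy_json).get("Statement", [])):
        actions = [a.lower() for a in _as_list(st.get("Action", []))]
        if st.get("Effect") != "Allow" or not any(
                a in ("*", "events:*", "events:putevents") for a in actions):
            continue
        principal = st.get("Principal") or {}
        principals = ["*"] if principal == "*" else _as_list(principal.get("AWS", []))
        for p in principals:
            if p == "*":
                if not _org_scoped(st):
                    findings.append((st.get("Sid"), "any AWS principal can publish"))
            else:
                account = p.split(":")[4] if p.startswith("arn:") else p
                if account not in expected_publishers:
                    findings.append((st.get("Sid"), f"unexpected publisher {account}"))
    return findings
```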

EventBridge Key Features Summary

  • Provides at-least-once event delivery to targets, with retry and exponential backoff for up to 24 hours.
  • Events are stored durably across multiple Availability Zones (AZs).
  • 99.99% availability SLA.
  • Pay-per-use pricing model – pay only for events published to the event bus.
  • All state change events published by AWS services are free.
  • Supports cross-account and cross-region event routing.

AWS Certification Exam Practice Questions

  • Questions are collected from the Internet and the answers are marked as per my knowledge and understanding (which might differ from yours).
  • AWS services are updated every day and both the answers and questions might be outdated soon, so research accordingly.
  • AWS exam questions are not updated to keep pace with AWS updates, so even if the underlying feature has changed the question might not be updated.
  • Open to further feedback, discussion and correction.
  1. A company wants to be alerted through email when IAM CreateUser API calls are made within its AWS account. Which combination of actions should a SysOps administrator take to meet this requirement? (Choose two.)
    1. Create an Amazon EventBridge rule with AWS CloudTrail as the event source and IAM CreateUser as the specific API call for the event pattern.
    2. Create an Amazon EventBridge rule with Amazon CloudSearch as the event source and IAM CreateUser as the specific API call for the event pattern.
    3. Create an Amazon EventBridge rule with AWS IAM Access Analyzer as the event source and IAM CreateUser as the specific API call for the event pattern.
    4. Use an Amazon Simple Notification Service (Amazon SNS) topic as an event target with an email subscription.
    5. Use an Amazon Simple Email Service (Amazon SES) notification as an event target with an email subscription.
  2. A company needs to schedule millions of one-time notifications to be sent to mobile devices at specific times. The scheduled times vary for each notification. Which AWS service should the solutions architect recommend?
    1. Amazon EventBridge scheduled rules
    2. Amazon EventBridge Scheduler
    3. AWS Lambda with Amazon CloudWatch Events
    4. Amazon SQS with delay queues
  3. A development team wants to create a point-to-point integration that processes events from an Amazon SQS queue, filters specific events, enriches them with data from a Lambda function, and delivers them to an Amazon Kinesis Data Stream. Which EventBridge feature should they use?
    1. EventBridge Rules with multiple targets
    2. EventBridge API Destinations
    3. EventBridge Pipes
    4. EventBridge Schema Registry
  4. A company wants to build a highly available event-driven application that automatically fails over to a secondary Region during service disruptions. Which EventBridge feature should they implement?
    1. EventBridge cross-Region event routing with rules
    2. EventBridge Archive and Replay
    3. EventBridge Global Endpoints
    4. EventBridge Pipes with multi-region targets
  5. A solutions architect needs to send events from an EventBridge event bus to a third-party SaaS application’s REST API endpoint. The endpoint requires OAuth authentication and rate limiting. Which feature should be used?
    1. EventBridge Pipes with an HTTP enrichment
    2. EventBridge rule targeting AWS Lambda
    3. EventBridge API Destinations
    4. EventBridge Partner Event Source
  6. A company wants to invoke a private API hosted in their VPC directly from EventBridge without traversing the public internet. Which combination of services enables this? (Choose two.)
    1. Amazon VPC Lattice resource configuration
    2. Amazon API Gateway public endpoint with VPC link
    3. AWS Direct Connect with EventBridge
    4. EventBridge API Destinations with private API connection
    5. EventBridge Pipes with VPC target
