Amazon EventBridge: The Serverless Event Bus
Amazon EventBridge is a serverless event bus that makes it easy to connect applications using data from your own applications, integrated SaaS applications, and AWS services. It is the evolution of CloudWatch Events, providing a more robust framework for building event-driven architectures at scale.
Topics covered in this guide:
- Event Buses (Default, Custom, SaaS)
- Event Patterns and Rules
- EventBridge Pipes
- Schema Registry and Discovery
- API Destinations (Third-party integrations)
- Security and Cross-Account Patterns
Core Concepts & Architecture
1. Event Buses
An event bus receives events. There are three main types:
- Default Event Bus: Receives events from AWS services (e.g., EC2 state changes, S3 events).
- Custom Event Bus: For your own applications. You send events here using the PutEvents API.
- SaaS Event Bus: Used to receive events from integrated partners like Zendesk, Datadog, or PagerDuty.
2. Rules and Event Patterns
Rules act as filters. They match incoming events based on an Event Pattern (a JSON object). If an event matches, it is routed to up to 5 targets. You can also use Input Transformers to reshape the JSON data before it reaches the target.
3. EventBridge Pipes
Pipes provide a way to create point-to-point integrations between event producers and consumers with optional filtering, enrichment (using Lambda or Step Functions), and transformation. Pipes reduce the “glue code” often required in serverless apps.
Comparison: EventBridge vs. SNS
| Feature | Amazon EventBridge | Amazon SNS |
|---|---|---|
| Primary Focus | Complex routing & SaaS integration | High-throughput pub/sub |
| Event Schema | Supports Schema Registry | No built-in schema registry |
| SaaS Integration | Native support for 3rd party SaaS | Manual integration required |
| Latency | ~500ms (Near real-time) | <30ms (Real-time) |
| Targets | 28+ AWS Services | Limited (Lambda, SQS, HTTP, SMS, Email) |
Decision Matrix / If–Then Guide
| If the requirement is… | Then choose… |
|---|---|
| Reacting to AWS resource state changes | EventBridge (Default Bus) |
| Integrating Zendesk or Shopify events into AWS | EventBridge SaaS Partner Bus |
| Fan-out to thousands of HTTP endpoints with low latency | Amazon SNS |
| Decoupling microservices with complex JSON filtering | Amazon EventBridge |
| Scheduling a task (Cron job) in a serverless way | EventBridge Scheduler |
Exam Tips and Gotchas
- Cross-Account Access: EventBridge supports cross-account event delivery. You must add a resource-based policy to the target event bus to allow the source account to PutEvents.
- Schema Discovery: If you don’t know the structure of events coming from a team, enable Schema Discovery to automatically map the JSON structure.
- API Destinations: This is the key feature for sending AWS events to 3rd party webhooks (like Slack or a custom API) without writing a Lambda function.
- Reliability: EventBridge provides at-least-once delivery. It retries for up to 24 hours with exponential backoff.
- The 5 Target Limit: A single rule can trigger up to 5 targets. If you need more, use multiple rules or route to an SNS topic first.
Amazon EventBridge Ecosystem
IAM & Policies
Use Identity-based policies to control who can create buses/rules. Use Resource-based policies on the Event Bus to allow events from other accounts or specific AWS services.
Scaling
EventBridge is serverless and scales automatically. Default quotas vary by region (e.g., 10,000 requests per second), but these are soft limits that can be increased via Service Quotas.
Optimization
Free: All events from AWS services.
Paid: $1.00 per million events for custom events and SaaS events. Cross-account events are charged in the sending account.
Production Use Case: Automated Security Response
Scenario: An IAM Access Key is created.
Flow: CloudTrail logs the event → EventBridge Rule matches CreateAccessKey → Target 1: Lambda (tags the key) → Target 2: SNS (notifies Security Team) → Target 3: Step Functions (starts a compliance check).
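Added example (not from the original guide and not AWS code): the event pattern a rule for this flow would use, checked against constructed sample events. The matches function is a simplified stand-in for EventBridge's matching that handles exact values only, and make_event and route are hypothetical helpers.

```python
# Simplified matcher: exact-value matching only (no prefix, numeric or exists operators).

# Event pattern for the CreateAccessKey rule in the flow above.
PATTERN = {
    "source": ["aws.iam"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {
        "eventSource": ["iam.amazonaws.com"],
        "eventName": ["CreateAccessKey"],
    },
}


def matches(pattern, event):
    """Return True if every field named in pattern is satisfied by event."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        actual = event[key]
        if isinstance(expected, dict):
            # Nested pattern: recurse into the corresponding event object.
            if not isinstance(actual, dict) or not matches(expected, actual):
                return False
        else:
            # Leaf: list of acceptable values (OR); an event array matches on any element.
            values = actual if isinstance(actual, list) else [actual]
            if not any(v in expected for v in values):
                return False
    return True


def make_event(event_name):
    """Build a constructed, trimmed-down CloudTrail event as EventBridge delivers it."""
    return {
        "source": "aws.iam",
        "detail-type": "AWS API Call via CloudTrail",
        "detail": {"eventSource": "iam.amazonaws.com", "eventName": event_name},
    }


def route(events):
    """Return the event names the rule would forward to its targets."""
    return [e["detail"]["eventName"] for e in events if matches(PATTERN, e)]


if __name__ == "__main__":
    print(route([make_event("CreateAccessKey"), make_event("DeleteAccessKey")]))
```

IAM is a global service and its CloudTrail events reach EventBridge in us-east-1, so the rule has to be created in that Region. Events with the detail-type "AWS API Call via CloudTrail" are only delivered when a CloudTrail trail with logging enabled exists.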