DEVHIDE
Login Or Sign up

Control Tower Life Cycle Events

246 Views Asked by At

Can Control Tower life cycle events be used to trigger terraform script? For example, after successful creation of an account, trigger a terraform script to create a VPC.

amazon-web-services aws-control-tower
Original Q&A
1

There are 1 best solutions below

0
Yann Stoneman On

You can use Amazon EventBridge:

  1. In the AWS management console, go to EventBridge and "Create Rule".
  2. Define pattern: choose "Event pattern" > pre-defined pattern by service, service provider: AWS, service name: Control Tower, Event Type: All Events.
  3. Configure a Lambda function (for custom deployment logic) or CodePipeline as the target.

Additional thoughts:

  • You don't have to use the AWS management console -- you can use infrastructure as code instead. However, EventBridge Terraform doesn't yet natively support Event Bridge, so you can do it with an aws_cloudformation_stack resource, as described in in another stackoverflow question.
  • If you use event type: All Events, it will trigger your Lambda function for every action taken in Control Tower. You can filter out everything except account-creation events in your Lambda code.
    • However, if you want to limit those Lambda invocations and filter the events within EventBridge instead of within the Lambda code, you can refine the event pattern by logging the event in your function code, inspect the event payload in CloudWatch Logs and use that json information to make the json of your event pattern more specific.

Related Questions in AMAZON-WEB-SERVICES

Related Questions in AWS-CONTROL-TOWER

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs

Popular Questions

.

Copyright © 2021 Jogjafile Inc.