Getting CloudTrail event to a Lambda function

0
votes

Is there a way to get event information, specifically the ARN of the service causing the event, to a lambda function?

In my previous question, I asked for some help with using Cloudwatch and Cloudtrail to get the info. I think it was mostly just an misunderstanding of the rules, but now I'm concerned if there is anyway to make a generalized solution.

I know I could do it for a specific service successfully, but I wish to have a generalized rule to trigger the function. Cloudwatch logs or events seem to be the right answer for this, but I'm no longer confident about that with my trouble with my Cloudwatch Cloudtrail rule.

Just to fully lay out my goal, I wish to have a lambda function trigger at the creation of any service and get access to that new services' ARN, so that I may do verification of the process.

1
amazon-web-servicesaws-lambdaamazon-cloudwatchamazon-cloudtrail

1 Answers

1
votes

Yes, it is possible, however, each event has different event properties, and you need to check where to get this information.

For example, if your lambda is triggered by CloudFormation, you can get the Stack Id (ARN) with event['StackId'].

{
  "StackId": stackidarn,
  "ResponseURL": "http://pre-signed-S3-url-for-response",
  "ResourceProperties": {
    "StackName": "stack-name",
    "List": [
      "1",
      "2",
      "3"
    ]
  },
  "RequestType": "Create",
  "ResourceType": "Custom::TestResource",
  "RequestId": "unique id for this create request",
  "LogicalResourceId": "MyTestResource"
}

You can see details about each event generated in http://docs.aws.amazon.com/lambda/latest/dg/eventsources.html.

If you want to debug in real time to check the event content, you can find some solution like lambda-toolkit