Amazon EventBridge API Destinations with OAuth credentials using CMK encryption

Amazon EventBridge rule → Connection → API

Create an Amazon EventBridge rule and API Destination with OAuth credentials using Customer Managed Key (CMK) encryption

This pattern configures an Amazon EventBridge rule that routes to an API Destinations target using Oauth credentials with Customer Managed Key (CMK) encryption. It configures a Connection, which contains the authorization for the API endpoint with CMK encryption, and the API, which contains the URL, http method, and other configuration information.

< Back to all patterns

Language:: Node.js
Framework:: AWS SAM

Download this pattern (.zip)

View this pattern on GitHub

Clone repo

git clone https://github.com/aws-samples/serverless-patterns/cd serverless-patterns/eventbridge-api-destinations

Deploy

cd ./12-oauth-api-with-cmk-encryptionsam deploy --guided

Testing

1. From a command line in this directory, send a test event to EventBridge simulating a "EventBridge CMK Demo success" event: aws events put-events --entries file://testEvent.json

Cleanup

1. Delete the stack: sam delete --stack-name STACK_NAME.

2. Confirm the stack has been deleted: aws cloudformation list-stacks --query "StackSummaries[?contains(StackName,'STACK_NAME')].StackStatus"

Additional resources

Amazon EventBridge now supports Customer Managed Keys (CMK) in API destinations connections

Encrypting EventBridge connection authorization with AWS KMS keys

Using API destinations with Amazon EventBridge

Use Amazon EventBridge to Build Decoupled, Event-Driven Architectures

Created by:

Rajesh Kumar

Rajesh Kumar is a Technical Account Manager (TAM) at Amazon Web Services (AWS) and contributor to ServerlessLand. He is passionate about serverless and wants to help everyone get started with serverless and what can be done with it.

Follow on LinkedIn

Biswanath Mukherjee

Sr. Solutions Architect working at AWS India.

Follow on LinkedIn