Amazon EventBridge rule to AWS Systems Manager automation

Amazon EventBridge → AWS Systems Manager

Create an EventBridge Rule to trigger an AWS Systems Manager automation runbook.

This pattern will create an EventBridge rule that is configured to trigger when an EC2 instance goes into the "running" state. The rule will then execute the AWSSupport-ConfigureEC2Metadata Automation Runbook against that instance to disable IMDSv1.

< Back to all patterns

Language:: YAML
Framework:: AWS SAM

Download this pattern (.zip)

View this pattern on GitHub

Clone repo

git clone https://github.com/aws-samples/serverless-patterns/cd serverless-patterns/eventbridge-rule-to-ssm-automation-sam

Deploy

sam deploy --guided

Testing

Once the stack is deployed, launch a new EC2 Instance, and then navigate to https://console.aws.amazon.com/systems-manager/automation/executions. There will be a new execution of the `AWSSupport-ConfigureEC2Metadata` document against the new instance.

Cleanup

1. Delete the stack: sam delete --stack-name STACK_NAME.

2. Confirm the stack has been deleted: aws cloudformation list-stacks --query "StackSummaries[?contains(StackName,'STACK_NAME')].StackStatus"

Additional resources

EventBridge Rules User Guide

SSM Automation User Guide

Created by:

Syed Hussain

AWS Partner Solutions Architect