AWS Application Services

Amazon EventBridge

6 min read
Updated June 24, 2025
6,846 characters

What is Amazon EventBridge?

Amazon EventBridge is a serverless, scalable event bus service that allows you to route events between different application components. It acts as a central nervous system for your cloud architecture, ingesting a stream of real-time data from various event sources and routing those events to targets like AWS Lambda functions, Amazon SQS queues, or any HTTP API endpoint.

EventBridge is the evolution of Amazon CloudWatch Events, built on the same underlying infrastructure but with extended capabilities, most notably the direct integration with third-party SaaS partners and your own applications.

Core Concepts: The Event Bus

The fundamental components of EventBridge work together to filter and deliver events across a decoupled architecture.

  • Event: A JSON object that represents a change in a system. This could be a change in an AWS resource's state (e.g., an EC2 instance terminating), a custom application event, or an event from a SaaS partner (e.g., a new ticket created in Zendesk).

  • Event Source: The service or application that emits an event. This can be one of over 200 AWS services, a custom application, or a third-party SaaS provider.

  • Event Bus: The router that receives events. EventBridge organizes events through different types of buses:

    • Default Event Bus: This bus exists in every AWS account by default and automatically receives events from AWS services.

    • Custom Event Bus: You create these buses to handle events from your own custom applications. This is best practice for isolating your application's events from AWS service events.

    • Partner Event Bus: These are created to receive events from SaaS partners (like Zendesk, Datadog, or Shopify). You must associate a partner event bus with a specific partner source to begin receiving events.

  • Rule: A filter that matches incoming events based on their structure and content (the event pattern). When an incoming event on an event bus matches the pattern defined in a rule, EventBridge forwards that event to the specified targets.

  • Target: The destination that processes an event. A single rule can route an event to multiple targets in parallel. Common targets include:

    • AWS Lambda functions

    • Amazon SQS queues

    • Amazon SNS topics

    • AWS Step Functions state machines

    • Amazon Kinesis Streams and Firehose

    • API Destinations (any HTTP endpoint)

Key Features

Beyond the core routing mechanism, EventBridge offers several powerful features for more advanced integrations.

EventBridge Pipes

Pipes provide a simple, reliable, and cost-effective way to create point-to-point integrations between a single event source and a single target. This is ideal for simple workflows where you don't need the many-to-many routing capabilities of an event bus.

  • Source: A pipe can pull events from sources like Amazon SQS, DynamoDB Streams, Kinesis Streams, and more.

  • Enrichment (Optional): Before sending the event to the target, you can call an API (like a Lambda function or an API Gateway) to enrich the event data.

  • Target: The pipe delivers the event to a single destination.

EventBridge Scheduler

The Scheduler is a serverless scheduler that allows you to create, run, and manage scheduled tasks at scale. It is more powerful and flexible than classic EventBridge Scheduled Rules.

  • One-time or Recurring Schedules: Configure jobs to run once at a specific time or on a recurring basis using cron or rate expressions.

  • Universal Target Support: Can invoke over 270 AWS services and more than 6,000 API operations as targets.

  • Resilience: Includes built-in retry policies and flexible time windows to ensure tasks are reliably delivered.

Schema Registry

The Schema Registry stores event schemas (the structure of an event) in a shared, central location.

  • Discoverability: It can automatically discover and add schemas from your event bus to the registry.

  • Code Bindings: You can download code bindings for your event schemas directly into your IDE, allowing you to represent events as strongly-typed objects in your code.

How It Works: A Typical Flow

  1. Event Generation: An event source (e.g., Amazon S3) generates an event when an action occurs (e.g., an object is uploaded).

  2. Ingestion: The event is sent to an event bus. AWS service events go to the default bus; custom events go to a custom bus.

  3. Rule Matching: The event bus evaluates all rules configured on it. If the event's JSON structure matches a rule's event pattern, the rule is triggered.

  4. Target Invocation: The rule forwards the event to its configured target(s). If the target is a Lambda function, the event is passed as the function's payload.

  5. Processing: The target service processes the event to perform the desired business logic.

Common Use Cases

  • Decouple Microservices: Enable asynchronous communication between services. Instead of one service calling another directly via an API, it can emit an event to an event bus, and any interested services can subscribe to that event.

  • Real-time Response to System Changes: Automatically trigger a Lambda function to perform a compliance check whenever a new EC2 instance is launched or a security group is modified.

  • SaaS Integration: Synchronize data between systems. For example, when a new customer is created in Salesforce (SaaS event), trigger a workflow to provision their account in your application's database.

  • Fan-out Messaging: Send a single event to multiple targets simultaneously. For example, when an order is placed, you can fan out the OrderCreated event to an SQS queue for the shipping department, a Lambda function to process payment, and an SNS topic to notify the customer.

  • Scheduled Automation: Use the EventBridge Scheduler to automatically stop development EC2 instances every night to save costs or to trigger a monthly data archiving process.

Security

  • IAM (Identity and Access Management): Use IAM policies to control which users and roles can create, modify, or delete EventBridge resources (buses, rules). Resource-based policies on event buses can control which accounts or services can publish events to them.

  • Encryption: All events are encrypted in transit using TLS 1.2. For encryption at rest, you can configure event buses and pipes with AWS KMS keys (either AWS-managed or customer-managed).

  • API Destinations: When using API Destinations to send events to external HTTP endpoints, you can use Connections to securely store and manage authentication credentials (like API keys or OAuth details) in AWS Secrets Manager.

📚 Recommended AWS Resources

AWS Certified Solutions Architect Study Guide
Complete preparation for AWS certification exams
AWS Cookbook
Practical recipes for AWS cloud solutions
As an Amazon Associate, we earn from qualifying purchases.
Back to All