How do I specify another AWS account’s Event Bus as a target of an EventBridge rule using CloudFormation or CDK?

Question:

How do I specify another AWS account’s event bus as the target of a CloudWatch Rule using CloudFormation or CDK?

Here is an example Rule using CDK where I try to send CodeDeploy events to another account:

How do I specify another account’s EventBus as the target? What’s the syntax – is it an ARN or what?

Answer:

To relay CW events from Acc1 to Acc2 in CloudFormation, three things are needed:

1. Acc2 – EventBusPolicy

AWS::Events::EventBusPolicy which allows Acc1 to submit events. E.g.:

2. Acc1 – IAM Role for CW

IAM role that allows CW Events in Acc1 to publish events to Acc2. Example:

where AccountId and RegionId are Acc2 values, not Acc1.

3. Acc1 – CW Event rule to relay events to Acc2’s bus

It will use IAM role from step 2. For example, to relay CodeCommit events (I set it up before, so I know it works):

where AccountId and RegionId are Acc2 values, not Acc1.
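The three resources described in the answer above, as an added sketch that is not part of the original answer. It assumes the target is Acc2's `default` event bus; the logical IDs, the `Acc1Id` parameter and the policy names are hypothetical, and the target is given as the bus ARN.

```yaml
# Constructed sketch: two separate templates, shown as two YAML documents.
# --- Template deployed in Acc2 (receiver) ---
Parameters:
  Acc1Id: {Type: String}          # assumed parameter: sender account ID
Resources:
  AllowAcc1PutEvents:
    Type: AWS::Events::EventBusPolicy
    Properties:
      StatementId: AllowAcc1PutEvents
      Action: events:PutEvents    # the only action Acc1 is granted
      Principal: !Ref Acc1Id      # one named account, not "*"
---
# --- Template deployed in Acc1 (sender) ---
Parameters:
  AccountId: {Type: String}       # Acc2 account ID, not Acc1
  RegionId: {Type: String}        # region of Acc2's bus
Resources:
  RelayRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal: {Service: events.amazonaws.com}
            Action: sts:AssumeRole
      Policies:
        - PolicyName: PutEventsToAcc2Bus
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: Allow
                Action: events:PutEvents
                # Scoped to the single target bus rather than "*"
                Resource: !Sub arn:aws:events:${RegionId}:${AccountId}:event-bus/default
  RelayRule:
    Type: AWS::Events::Rule
    Properties:
      State: ENABLED
      EventPattern:
        source: [aws.codecommit]
      Targets:
        - Id: Acc2DefaultBus
          Arn: !Sub arn:aws:events:${RegionId}:${AccountId}:event-bus/default
          RoleArn: !GetAtt RelayRole.Arn
```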
