This new capability in EventBridge is going to simplify your cross-account Event Driven Architecture!
AWS introduced cross-account targets for EventBridge event buses today. You can now add SQS, Lambda or SNS in a different account as a target. Previously, only EventBridge in another account could be added.
The architecture diagram from the AWS blog is attached in this post. It perfectly captures everything you need to know about this feature.
Remember to do these two things:
- Add the relevant execution "role" to the EventBridge rule in the source AWS account.
- Apply a "resource policy" to the SQS/SNS/Lambda target in the target account.
"Role" for the source account and "resource policy" for the target account. Everything else is the same as before.
This makes sure security is taken care of from both the source and target AWS accounts and avoids any abuse or DDoS situations.
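The two steps above for an SQS target, as an added example that is not from the AWS blog or the original post: it builds the source-account role policies and the target-account queue policy, then audits a queue policy for grants wider than the rule's role. The account IDs, role name and queue name are constructed placeholders, and the audit rules are a deliberately strict assumption (any principal other than the one role is flagged).

```python
import json

SOURCE_ACCOUNT = "111111111111"  # constructed placeholder
TARGET_ACCOUNT = "222222222222"  # constructed placeholder
ROLE_ARN = f"arn:aws:iam::{SOURCE_ACCOUNT}:role/eb-cross-account-target"  # hypothetical name
QUEUE_ARN = f"arn:aws:sqs:eu-west-1:{TARGET_ACCOUNT}:orders-queue"  # hypothetical name

def source_role_policies(queue_arn):
    """Source account: trust policy for EventBridge plus a single-queue permission."""
    trust = {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Principal": {"Service": "events.amazonaws.com"},
        "Action": "sts:AssumeRole"}]}
    perms = {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Action": "sqs:SendMessage", "Resource": queue_arn}]}
    return trust, perms

def target_queue_policy(role_arn, queue_arn):
    """Target account: resource policy that admits only the rule's execution role."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Principal": {"AWS": role_arn},
        "Action": "sqs:SendMessage", "Resource": queue_arn}]}

def audit_queue_policy(policy, role_arn):
    """Return findings for Allow statements that grant more than the one role."""
    findings = []
    for i, st in enumerate(policy.get("Statement", [])):
        if st.get("Effect") != "Allow":
            continue
        principal = st.get("Principal")
        aws = (principal.get("AWS") if isinstance(principal, dict) else principal) or []
        principals = [aws] if isinstance(aws, str) else list(aws)
        actions = st.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        if "*" in principals and "Condition" not in st:
            findings.append(f"statement {i}: wildcard principal without Condition")
        elif any(p not in (role_arn, "*") for p in principals):
            findings.append(f"statement {i}: principal other than the rule's role")
        if any(a in ("*", "sqs:*") for a in actions):
            findings.append(f"statement {i}: wildcard action")
    return findings

if __name__ == "__main__":
    for doc in (*source_role_policies(QUEUE_ARN), target_queue_policy(ROLE_ARN, QUEUE_ARN)):
        print(json.dumps(doc, indent=2))
```

For an SNS or Lambda target the same shape applies with `sns:Publish` or `lambda:InvokeFunction` in place of `sqs:SendMessage`.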
Read the AWS Blog post here
If you are new to my posts, I regularly post about AWS, EKS, Kubernetes and cloud computing related topics. Do follow me on LinkedIn and visit my website (https://vijay.eu/posts) where I have all my previous posts in one place.