amazon-web-services, amazon-ec2, aws-lambda, amazon-cloudwatch

AWS EC2 get notified when a tag changes


I want to call a Lambda function when my EC2 tag "Something" changes. Is it possible? If I cannot listen to changes to a specific tag, I could listen on EC2 config changes. How can I do that? I am not sure which option to select on CloudWatch Events ...

UPDATE

I tried AWS Config, but it appears that it only monitors config changes when the instance is started?


Solution

  • Yes, you can use Amazon CloudWatch Events with AWS CloudTrail to call a Lambda function, triggered off a CreateTags event. (Changing a tag is actually treated as creating a tag.)

    • Turn on AWS CloudTrail for your region (this involves pointing it to an Amazon S3 bucket for log storage)
    • Create an Amazon SNS topic
    • Create an AWS Lambda function with a trigger on the SNS topic
    • Create an Amazon CloudWatch Events rule:
      • Service Name: EC2
      • Event Type: AWS API Call via CloudTrail
      • Specific Operations: CreateTags
      • Add Target: Select your Lambda function

    Your Lambda function will receive a notification when a tag is created/changed.
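
A handler for the rule above that narrows the CreateTags notifications to the "Something" tag on EC2 instances, accepting the event whether it arrives directly from the rule or wrapped by the SNS topic. This is an added example, not code from the original answer; the function names and the sample event are constructed for illustration, and it assumes the rule delivers the usual CloudTrail `detail` record.

```python
import json

WATCHED_TAG = "Something"  # tag key from the question

def _payloads(event):
    """Yield rule events whether Lambda is the direct target or sits behind SNS."""
    if "Records" in event:                      # SNS-wrapped delivery
        for rec in event["Records"]:
            yield json.loads(rec["Sns"]["Message"])
    else:                                       # direct CloudWatch Events target
        yield event

def tag_changes(event, watched=WATCHED_TAG):
    """Return one record per EC2 instance on which the watched tag was set."""
    changes = []
    for ev in _payloads(event):
        detail = ev.get("detail") or {}
        # CloudTrail also records failed or denied calls; those carry an errorCode.
        if detail.get("eventName") != "CreateTags" or detail.get("errorCode"):
            continue
        params = detail.get("requestParameters") or {}
        ids = [r["resourceId"] for r in params.get("resourcesSet", {}).get("items", [])]
        for tag in params.get("tagSet", {}).get("items", []):
            if tag.get("key") != watched:
                continue
            # CreateTags covers every EC2 resource type; keep instances only.
            for rid in (i for i in ids if i.startswith("i-")):
                changes.append({"instance": rid, "value": tag.get("value"),
                                "actor": (detail.get("userIdentity") or {}).get("arn")})
    return changes

def lambda_handler(event, context):
    changes = tag_changes(event)
    print(json.dumps(changes))   # ends up in the function's CloudWatch Logs
    return changes

# Constructed sample event (not captured from a real account).
SAMPLE_EVENT = {
    "source": "aws.ec2",
    "detail-type": "AWS API Call via CloudTrail",
    "detail": {
        "eventName": "CreateTags",
        "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example"},
        "requestParameters": {
            "resourcesSet": {"items": [{"resourceId": "i-0123456789abcdef0"},
                                       {"resourceId": "vol-0123456789abcdef0"}]},
            "tagSet": {"items": [{"key": "Something", "value": "new"}, {"key": "Name", "value": "web"}]},
        }},
}
```

Recording the caller's ARN alongside the new value gives an audit trail of who changed the tag, which matters when tags drive access policies or automation.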