Posted On: Nov 20, 2020
Amazon EventBridge announces improvements to event bus resource policies that make it easier to build applications that work across accounts. With this change, you can now send events to, and create rules on event buses in another account while relying on the event bus resource policy to manage your permissions.
Amazon EventBridge is a serverless event bus that enables you to create scalable, event-driven applications by simplifying communication between components (microservices, SaaS applications, legacy applications and AWS services). Event-driven applications use events to take an action when a change occurs, for example, automatically assigning a customer support agent when a new support ticket is created. Developers embrace event-driven architectures because it enables them to decouple their microservices, making their applications more scalable, reliable, cost-effective, and simple to operate.
Increasingly, customers use multi-account architectures when building event-driven applications. This helps to reduce the blast radius of each application, and provides further independence to teams, which each use a separate account for their applications. EventBridge event buses make it easy to route events between accounts, and now you can use granular permissions to control which events can flow across accounts.
Using event bus resource policies, you can configure the type of events that can be published to or consumed from an event bus, for example only allowing certain accounts in your organization to route events that contain sensitive information, or limiting the publishing of events to accounts tagged with “Production”, ensuring your development accounts don’t accidentally send events into your production environment.
Amazon EventBridge is available in all AWS Commercial and GovCloud (US) Regions. To learn more about Amazon EventBridge, please visit the Amazon EventBridge page.