Extending SaaS Application Data into Your AWS Environment with Amazon EventBridge
By Mike Deck, Principal Solutions Architect at AWS
Modern cloud applications enable companies to make informed decisions using real-time data from a variety of sources, including their own applications, AWS services, and Software-as-a-Service (SaaS) applications.
Accessing all of this data can be challenging for developers because they need to write code to access the Application Programming Interface (API) for each application. As the number of applications in an enterprise increases, the number of point-to-point connections grows exponentially and becomes complex to manage.
Many companies address this challenge by polling applications for data changes, but this is costly for both parties and leads to unnecessary lag in events being processed. Others use webhooks, which still require the customer to run an internet-facing HTTP endpoint. This comes with a set of challenges.
For this reason, developers are increasingly building event-driven architectures to simplify the management of complex systems. In the event-driven model, application components communicate with events. An event is a signal that a system’s state has changed, such as a change in the status of a customer support ticket in an application like Zendesk.
In this post, we’ll cover how Amazon EventBridge makes it easier to build event-driven architectures with data from all sources, including those using data from SaaS applications.
Introducing Amazon EventBridge
At the AWS Summit in New York, we introduced Amazon EventBridge, a serverless event bus service that makes it easy to connect application data from a variety of sources and send it to your Amazon Web Services (AWS) environment.
EventBridge delivers a stream of real-time event data from AWS services, SaaS applications, and your own applications, routing that data to targets like AWS Lambda. EventBridge makes it easy to build scalable event-driven applications because it handles event ingestion and delivery, security, authorization, and error-handling for you.
EventBridge launched with support for 10 SaaS integration partners, which you can read about below.
We heard that customizing a SaaS platforms is challenging to do in a way that is secure, performant, and cost-efficient in a multi-tenant context. With EventBridge you can add a single integration to your platform that allows customers to extend your product into AWS, integrating it with their own systems using services like AWS Lambda, AWS Step Functions, and Amazon Simple Queue Service (SQS).
EventBridge is built on top of the Amazon CloudWatch Events API you may already be familiar with. CloudWatch Events is an event bus that allows customers to use events to monitor changes in their AWS resources.
Customers consistently told us that an event bus is the optimal pattern for accessing changes to application data in real-time. In fact, Forrest Brazeal, one of our AWS Serverless Heroes, recently published a blog calling CloudWatch Events, called “The Best Kept Secret in Serverless Computing.”
We decided not to keep that secret, and instead, added functionality to CloudWatch Events that enables you to connect data from your own apps and third-party SaaS apps, and released this functionality as Amazon EventBridge.
Amazon EventBridge Features
Your AWS applications can take action based on events that SaaS applications generate. EventBridge is natively integrated with SaaS applications, including 10 SaaS applications with additional integrations planned.
You don’t need to manage any integration setup, such as authentication or webhooks; events from your SaaS provider simply appear on your event bus.
Built-In Event Sources and Targets
EventBridge is directly integrated with more than 100 event sources and targets, including AWS Lambda, Amazon SQS, Amazon Simple Notification Service (SNS), AWS Step Functions, Amazon Kinesis Data Streams, Amazon Kinesis Data Firehose, and more, with additional sources and targets planned.
All mutating API calls (i.e. all calls except Describe*, List*, and Get*) across all AWS services generate events through AWS CloudTrail.
Events From Your Own Applications
You can use EventBridge as a centralized event bus for your enterprise applications and microservices, sending events from your own applications to an event bus via the service’s PutEvents API. Other applications can then receive events through any of the many supported AWS target services.
You can filter events with rules. A rule matches incoming events for a given event bus and routes them to targets for processing. A single rule can route to multiple targets, all of which are processed in parallel.
Rules allow different application components to look for and process events that are of interest to them. A rule can customize an event before it’s sent to the target by passing along only certain parts, or by overwriting it with a constant. You can also have multiple rules that match on the same event, so different microservices or applications can choose to match events based on specific filters.
Security and Compliance
EventBridge is integrated with AWS Identity and Access Management (IAM) so that you can control which users and resources have permission to access your data and how they can access it.
EventBridge supports encryption in transit using TLS 1.2 and VPC endpoints. EventBridge is GDPR, SOC, ISO, DoD CC SRG, and FedRamp compliant, and is also HIPAA-eligible.
Saas Integration Partners
One of the most exciting aspects of Amazon EventBridge is that customers can use it to access data from SaaS applications. EventBridge ingests data from supported SaaS applications and routes it to AWS service targets through native integration in the EventBridge and AWS Lambda consoles.
With EventBridge, customers can use data from their SaaS apps to trigger workflows for customer support, business operations and more. Learn more about how customers can use the integrations of our supported SaaS partners.
Datadog is a monitoring platform for cloud applications that brings together data from servers, containers, databases, and third-party services to make your stack entirely observable. You can route Datadog application monitoring alerts into EventBridge to run analytics queries, auto-remediation pipelines and more.
OneLogin connects people with technology through a simple and secure login, empowering organizations to access the world. You can stream events data from OneLogin to EventBridge to trigger custom identity workflows, based on things like high-risk or suspicious login activities.
PagerDuty helps AWS users automatically turn any signal into the right insight and action. This proactively mitigates customer-impacting issues and allows organizations to innovate and scale both their AWS and hybrid environments with confidence. With EventBridge, you can use PagerDuty event data, like security, compliance, or resource deployment, to trigger event-driven workflows across the AWS ecosystem.
Saviynt enables enterprises to secure applications, data, and infrastructure in a single platform for cloud and enterprise. You can send Saviynt events to EventBridge when employees join, leave, or change roles in an organization to trigger employee lifecycle management workflows in AWS.
Segment provides the customer data infrastructure that businesses use to put their customers first. With Segment, companies can collect, unify, and connect their first-party data to over 250 marketing, analytics, and data warehousing tools. With Segment, you can send first-party customer data to EventBridge for processing with services like Amazon SQS.
SignalFx is a real-time cloud monitoring platform for infrastructure, microservices, and applications. It collects and analyzes metrics and traces across every component in your cloud environment. You can identify issues that affect application performance and send events to EventBridge to trigger remediation actions in real-time.
SugarCRM enables businesses to create extraordinary customer relationships with an empowering, adaptable, and affordable customer relationship management (CRM) platform. You can use changes in customer data within a CRM to send events to EventBridge and trigger a workflow for things like billing or resource provisioning.
Symantec Corporation is a cyber security company that helps organizations, governments, and people secure their most important data wherever it lives. With EventBridge integration, Symantec Cloud Workload Protection (CWP) suite customers can send security events from their own environments to EventBridge to drive comprehensive security analytics use cases.
Whispir is a cloud-based platform that automates, personalises, and layers communications using smart workflow technology. You can automate workflow communications with third-party applications by using EventBridge to incorporate data directly into Whispir communications..
Zendesk makes better customer service experiences for agents, admins, and customers. With EventBridge, you can send Zendesk support ticket data into AWS to leverage customer data for business intelligence and analytics, machine learning, and more.
Customers can get started by navigating to the EventBridge console and selecting an event source from a list of AWS services and SaaS applications. EventBridge will securely connect to the event source and start sending events to the configured targets.
If your organization is interested in integrating with EventBridge, you can complete the process with minimal development time.
To get started, register with the AWS Partner Network (APN) if you’re not yet a member, and then contact the EventBridge integration team to access the partner API.