Reputation: 2617
I am trying to get an AWS Lambda function to run whenever a new image is pushed to an AWS container registry. I have created and tested the function which works fine. I have then created a simple CloudWatch event rule with the pattern:
{
  "source": [
    "aws.ecr"
  ]
}
which I believe will trigger on any event from ECR.
The rule has a target of the lambda function. The problem is the function is not called when a new image is pushed to the registry (or deleted etc). Nothing appears in the CloudWatch logs for the function. Is there something missing from the event rule or a way to diagnose what could be going wrong?
Upvotes: 9
Views: 7896
Reputation: 283
CloudTrail records the PutImage event and can write it to CloudWatch Logs. An alarm can be triggered whenever a PutImage event is written to CloudWatch Logs, which can in turn trigger a Lambda function through SNS.
You would create a Logs Metric Filter, something like this:
{ ($.eventSource = ecr.amazonaws.com) && ($.eventName = PutImage) && ($.requestParameters.repositoryName = "<RepoName>") && ($.errorCode NOT EXISTS) }
or
You need to configure the ECR CloudTrail API Calls Events.
{
  "source": [
    "aws.ecr"
  ],
  "detail-type": [
    "AWS API Call via CloudTrail"
  ],
  "detail": {
    "eventSource": [
      "ecr.amazonaws.com"
    ]
  }
}
Upvotes: 10
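The event rule in the answer above matches ECR API calls of any name, so a Lambda target can apply the same four conditions as the metric filter before acting on a push. This is an added example, not code from the original post; the repository name example-repo, the function names and the sample events are constructed assumptions.

```python
# Added example, not from the original post. Sample events are constructed.
WATCHED_REPO = "example-repo"  # assumption: stands in for <RepoName>


def is_successful_push(event, repo=WATCHED_REPO):
    """Apply the metric filter's four conditions to an EventBridge event."""
    if event.get("detail-type") != "AWS API Call via CloudTrail":
        return False
    detail = event.get("detail") or {}
    # requestParameters can be null in CloudTrail records.
    params = detail.get("requestParameters") or {}
    return (
        detail.get("eventSource") == "ecr.amazonaws.com"
        and detail.get("eventName") == "PutImage"
        and params.get("repositoryName") == repo
        and "errorCode" not in detail  # $.errorCode NOT EXISTS
    )


def lambda_handler(event, context):
    """Act only on successful pushes; report what was skipped otherwise."""
    detail = event.get("detail") or {}
    if not is_successful_push(event):
        return {"handled": False, "eventName": detail.get("eventName")}
    params = detail["requestParameters"]
    return {"handled": True, "repository": params["repositoryName"],
            "tag": params.get("imageTag")}


def sample_event(event_name, repo=WATCHED_REPO, error_code=None):
    """Build a constructed event in the shape the rule delivers."""
    detail = {
        "eventSource": "ecr.amazonaws.com",
        "eventName": event_name,
        "requestParameters": {"repositoryName": repo, "imageTag": "v1"},
    }
    if error_code:
        detail["errorCode"] = error_code
    return {"source": "aws.ecr",
            "detail-type": "AWS API Call via CloudTrail",
            "detail": detail}


if __name__ == "__main__":
    for ev in (sample_event("PutImage"),
               sample_event("BatchDeleteImage"),
               sample_event("PutImage", error_code="AccessDenied")):
        print(lambda_handler(ev, None))
```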