PutTargets
Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.
Targets are the resources that are invoked when a rule is triggered.
The maximum number of entries per request is 10.
Note
Each rule can have up to five (5) targets associated with it at one time.
For a list of services you can configure as targets for events, see EventBridge targets in the Amazon EventBridge User Guide .
Creating rules with built-in targets is supported only in the AWS Management Console. The built-in targets are:
-
Amazon EBS CreateSnapshot API call -
Amazon EC2 RebootInstances API call -
Amazon EC2 StopInstances API call -
Amazon EC2 TerminateInstances API call
For some target types, PutTargets provides target-specific parameters. If the
target is a Kinesis data stream, you can optionally specify which shard the event
goes to by using the KinesisParameters argument. To invoke a command on multiple
EC2 instances with one rule, you can use the RunCommandParameters field.
To be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:
-
For AWS Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.
-
For EC2 instances, Kinesis Data Streams, AWS Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the
RoleARNargument inPutTargets.
For more information, see Authentication and Access Control in the Amazon EventBridge User Guide .
If another AWS account is in the same region and has granted you permission
(using PutPermission), you can send events to that account. Set that account's
event bus as a target of the rules in your account. To send the matched events to the other
account, specify that account's event bus as the Arn value when you run
PutTargets. If your account sends events to another account, your account is
charged for each sent event. Each event sent to another account is charged as a custom event.
The account receiving the event is not charged. For more information, see Amazon EventBridge Pricing
Note
Input, InputPath, and InputTransformer are not
available with PutTarget if the target is an event bus of a different AWS account.
If you are setting the event bus of another account as the target, and that account
granted permission to your account through an organization instead of directly by the account
ID, then you must specify a RoleArn with proper permissions in the
Target structure. For more information, see Sending and
Receiving Events Between AWS Accounts in the Amazon EventBridge User Guide.
Note
If you have an IAM role on a cross-account event bus target, a PutTargets
call without a role on the same target (same Id and Arn) will not
remove the role.
For more information about enabling cross-account events, see PutPermission.
Input, InputPath, and InputTransformer are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:
-
If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).
-
If Input is specified in the form of valid JSON, then the matched event is overridden with this constant.
-
If InputPath is specified in the form of JSONPath (for example,
$.detail), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed). -
If InputTransformer is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.
When you specify InputPath or InputTransformer, you must use
JSON dot notation, not bracket notation.
When you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.
This action can partially fail if too many requests are made at the same time. If that
happens, FailedEntryCount is non-zero in the response and each entry in
FailedEntries provides the ID of the failed target and the error code.
Request Syntax
{
"EventBusName": "string",
"Rule": "string",
"Targets": [
{
"AppSyncParameters": {
"GraphQLOperation": "string"
},
"Arn": "string",
"BatchParameters": {
"ArrayProperties": {
"Size": number
},
"JobDefinition": "string",
"JobName": "string",
"RetryStrategy": {
"Attempts": number
}
},
"DeadLetterConfig": {
"Arn": "string"
},
"EcsParameters": {
"CapacityProviderStrategy": [
{
"base": number,
"capacityProvider": "string",
"weight": number
}
],
"EnableECSManagedTags": boolean,
"EnableExecuteCommand": boolean,
"Group": "string",
"LaunchType": "string",
"NetworkConfiguration": {
"awsvpcConfiguration": {
"AssignPublicIp": "string",
"SecurityGroups": [ "string" ],
"Subnets": [ "string" ]
}
},
"PlacementConstraints": [
{
"expression": "string",
"type": "string"
}
],
"PlacementStrategy": [
{
"field": "string",
"type": "string"
}
],
"PlatformVersion": "string",
"PropagateTags": "string",
"ReferenceId": "string",
"Tags": [
{
"Key": "string",
"Value": "string"
}
],
"TaskCount": number,
"TaskDefinitionArn": "string"
},
"HttpParameters": {
"HeaderParameters": {
"string" : "string"
},
"PathParameterValues": [ "string" ],
"QueryStringParameters": {
"string" : "string"
}
},
"Id": "string",
"Input": "string",
"InputPath": "string",
"InputTransformer": {
"InputPathsMap": {
"string" : "string"
},
"InputTemplate": "string"
},
"KinesisParameters": {
"PartitionKeyPath": "string"
},
"RedshiftDataParameters": {
"Database": "string",
"DbUser": "string",
"SecretManagerArn": "string",
"Sql": "string",
"Sqls": [ "string" ],
"StatementName": "string",
"WithEvent": boolean
},
"RetryPolicy": {
"MaximumEventAgeInSeconds": number,
"MaximumRetryAttempts": number
},
"RoleArn": "string",
"RunCommandParameters": {
"RunCommandTargets": [
{
"Key": "string",
"Values": [ "string" ]
}
]
},
"SageMakerPipelineParameters": {
"PipelineParameterList": [
{
"Name": "string",
"Value": "string"
}
]
},
"SqsParameters": {
"MessageGroupId": "string"
}
}
]
}Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- EventBusName
-
The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 1600.
Pattern:
(arn:aws[\w-]*:events:[a-z]{2}-[a-z]+-[\w-]+:[0-9]{12}:event-bus\/)?[/\.\-_A-Za-z0-9]+Required: No
- Rule
-
The name of the rule.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
Pattern:
[\.\-_A-Za-z0-9]+Required: Yes
- Targets
-
The targets to update or add to the rule.
Type: Array of Target objects
Array Members: Minimum number of 1 item. Maximum number of 100 items.
Required: Yes
Response Syntax
{
"FailedEntries": [
{
"ErrorCode": "string",
"ErrorMessage": "string",
"TargetId": "string"
}
],
"FailedEntryCount": number
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- FailedEntries
-
The failed target entries.
Type: Array of PutTargetsResultEntry objects
- FailedEntryCount
-
The number of failed entries.
Type: Integer
Errors
For information about the errors that are common to all actions, see Common Errors.
- ConcurrentModificationException
-
There is concurrent modification on a rule, target, archive, or replay.
HTTP Status Code: 400
- InternalException
-
This exception occurs due to unexpected causes.
HTTP Status Code: 500
- LimitExceededException
-
The request failed because it attempted to create resource beyond the allowed service quota.
HTTP Status Code: 400
- ManagedRuleException
-
This rule was created by an AWS service on behalf of your account. It is managed by that service. If you see this error in response to
DeleteRuleorRemoveTargets, you can use theForceparameter in those calls to delete the rule or remove targets from the rule. You cannot modify these managed rules by usingDisableRule,EnableRule,PutTargets,PutRule,TagResource, orUntagResource.HTTP Status Code: 400
- ResourceNotFoundException
-
An entity that you specified does not exist.
HTTP Status Code: 400
Examples
Adds a target to a Lambda function with the ID "MyTargetId" to the rule named "test"
The following is an example of a PutTargets request.
Sample Request
POST / HTTP/1.1
Host: events.<region>.<domain>
x-amz-Date: <Date>
Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=content-type;date;host;user-agent;x-amz-date;x-amz-target;x-amzn-requestid, Signature=<Signature>
User-Agent: <UserAgentString>
Content-Type: application/x-amz-json-1.1
Content-Length: <PayloadSizeBytes>
Connection: Keep-Alive
X-Amz-Target: AWSEvents.PutTargets
{
"Rule": "test",
"Targets": [
{
"Id": "MyTargetId",
"Arn": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction"
}
]
}Sample Response
HTTP/1.1 200 OK
x-amzn-RequestId: <RequestId>
Content-Type: application/x-amz-json-1.1
Content-Length: <PayloadSizeBytes>
Date: <Date>
{
"FailedEntries": [],
"FailedEntryCount": 0
}Use Input Transformer to extract data from an event and input that data to the target
This example extracts the instance and state from an event, puts them into a simple
text template, and passes this data to a Lambda function called
MyFunction.
Note
If your are using InputTransformer with CloudWatch Logs as a target,
the Template must be
{"timestamp":<timestamp>,"message":<version-id>}.
Sample Request
POST / HTTP/1.1
Host: events.<region>.<domain>
x-amz-Date: <Date>
Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=content-type;date;host;user-agent;x-amz-date;x-amz-target;x-amzn-requestid, Signature=<Signature>
User-Agent: <UserAgentString>
Content-Type: application/x-amz-json-1.1
Content-Length: <PayloadSizeBytes>
Connection: Keep-Alive
X-Amz-Target: AWSEvents.PutTargets
{
"Rule": "testrule",
"Targets": [
{
"Id": "MyTargetId",
"Arn": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction",
"InputTransformer":
{
"InputPathsMap": {"instance": "$.detail.instance","status": "$.detail.status"},
"InputTemplate": "<instance> is in state <status>"
}
}
]
}
Example
Here is another sample request using InputTransformer. The input to the
Lambda function is in JSON format, with an array substituted. Below that sample request
are examples of an event and the resulting output to the target, using this sample
request.
POST / HTTP/1.1 Host: events.<region>.<domain> x-amz-Date: <Date> Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=content-type;date;host;user-agent;x-amz-date;x-amz-target;x-amzn-requestid, Signature=<Signature> User-Agent: <UserAgentString> Content-Type: application/x-amz-json-1.1 Content-Length: <PayloadSizeBytes> Connection: Keep-Alive X-Amz-Target: AWSEvents.PutTargets { "Rule": "testrule", "Targets": [ { "Id": "MyTargetId", "Arn": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction" "InputTransformer": { "InputPathsMap": {"commandsToRun": "$.detail.commands"}, "InputTemplate": "{\"commands\": <commandsToRun>}" } } ] }
Incoming event: { "Time": 1225864800, "Source": "foo", "Resources": ["foo", "foo"], "DetailType": "foo", "Detail": { "commands": ["ls -lrt", "echo HelloWorld!"] } }
Output sent to the target: { "commands" : ["ls -lrt", "echo HelloWorld!"] }
Sends a command to a list of EC2 instances specified by InstanceIds, using Amazon EC2 Run Command
This example illustrates one usage of PutTargets.
POST / HTTP/1.1 Host: events.<region>.<domain> x-amz-Date: <Date> Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=content-type;date;host;user-agent;x-amz-date;x-amz-target;x-amzn-requestid, Signature=<Signature> User-Agent: <UserAgentString> Content-Type: application/x-amz-json-1.1 Content-Length: <PayloadSizeBytes> Connection: Keep-Alive X-Amz-Target: AWSEvents.PutTargets { "Rule": "testrule", "Targets": [ { "Id": "id123456789", "Arn": "arn:aws:ssm:us-east-1:12345679012:document/RestartLinuxService", "RoleArn": "arn:aws:iam::123456789012:role/MyRoleToAccessEC2" "RunCommandParameters": { "RunCommandTargets": [ { "Key":"InstanceIds", "Values":["i-123456789012", "i-098765432109"] } ] } ] }
Sends a batch job command to an job queue
When the target is an AWS Batch job queue, the Arn field
specifies the ARN of the job queue, while JobDefinition specifies the ARN of
the job definition.
POST / HTTP/1.1 Host: events.<region>.<domain> x-amz-Date: <Date> Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=content-type;date;host;user-agent;x-amz-date;x-amz-target;x-amzn-requestid, Signature=<Signature> User-Agent: <UserAgentString> Content-Type: application/x-amz-json-1.1 Content-Length: <PayloadSizeBytes> Connection: Keep-Alive X-Amz-Target: AWSEvents.PutTargets { "Rule":"batch-job-rule", "Targets":[ { "Id":"id123456789", "Arn":"arn:aws:batch:us-west-2:012345678910:job-queue/default", "BatchParameters":{ "ArrayProperties":{ "Size":25 }, "JobDefinition":"arn:aws:batch:us-west-2:012345678910:job-definition/nvidia-smi:1", "JobName":"unique-job-name", "RetryStrategy":{ "Attempts":5 } } } ] }
Uses KinesisParameters to control the shard assignment
In this example, KinesisParameters is used to specify that events related
to status changes are sent to a shard specific to the affected instance ID.
POST / HTTP/1.1 Host: events.<region>.<domain> x-amz-Date: <Date> Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=content-type;date;host;user-agent;x-amz-date;x-amz-target;x-amzn-requestid, Signature=<Signature> User-Agent: <UserAgentString> Content-Type: application/x-amz-json-1.1 Content-Length: <PayloadSizeBytes> Connection: Keep-Alive X-Amz-Target: AWSEvents.PutTargets { "Rule": "StatusChangeRule", "Targets": [ { "Id" : "1", "Arn": "arn:aws:kinesis:us-east-1:123456789012:function:stream/mystream", "KinesisParameters":{ "PartitionKeyPath":"$.detail.instance-id"}' } ] }
Adds an Amazon Data Firehose data delivery stream as a target
This example sets a Kinesis data delivery stream named
target-stream-name as a target.
POST / HTTP/1.1 Host: events.<region>.<domain> x-amz-Date: <Date> Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=content-type;date;host;user-agent;x-amz-date;x-amz-target;x-amzn-requestid, Signature=<Signature> User-Agent: <UserAgentString> Content-Type: application/x-amz-json-1.1 Content-Length: <PayloadSizeBytes> Connection: Keep-Alive X-Amz-Target: AWSEvents.PutTargets { "Rule": "FirehoseExample", "Targets": [ { "RoleArn": "arn:aws:iam::123456789012:role/MyRoleToAccessKinesis" "Id" : "FirehoseStream", "Arn": "arn:aws:firehose:us-east-1:123456789012:deliverystream/target-stream-name", } ] }
Adds a Step Functions state machine as a target
This example targets a state machine called "HelloWorld", and sends the input constant "Hello World!" to that target.
POST / HTTP/1.1 Host: events.<region>.<domain> x-amz-Date: <Date> Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=content-type;date;host;user-agent;x-amz-date;x-amz-target;x-amzn-requestid, Signature=<Signature> User-Agent: <UserAgentString> Content-Type: application/x-amz-json-1.1 Content-Length: <PayloadSizeBytes> Connection: Keep-Alive X-Amz-Target: AWSEvents.PutTargets { "Rule": "testrule", "Targets": [ { "RoleArn": "arn:aws:iam::123456789012:role/MyRoleToAccessStepFunctions" "Arn":"arn:aws:states:us-east-1:123456789012:stateMachine:HelloWorld", "Input":"HelloWorld!" } ] }
Adds a target that creates three Amazon ECS tasks based on a task definition
This example uses Amazon ECS as the target. You must have already created the task definition and cluster in Amazon ECS.
POST / HTTP/1.1 Host: events.<region>.<domain> x-amz-Date: <Date> Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=content-type;date;host;user-agent;x-amz-date;x-amz-target;x-amzn-requestid, Signature=<Signature> User-Agent: <UserAgentString> Content-Type: application/x-amz-json-1.1 Content-Length: <PayloadSizeBytes> Connection: Keep-Alive X-Amz-Target: AWSEvents.PutTargets { "Rule": "test", "Targets": [ { "Id": "Target1", "RoleArn": "arn:aws:iam::123456789012:role/MyRoleToAccessECS" "Arn": "arn:aws:ecs:us-east-1:123456789012:cluster/example-cluster", "ECSParameters": { "TaskDefinitionArn": "arn:aws:ecs:us-east-1:123456789012:task-definition/example", "TaskCount": 3 } } ] }
Specifying two targets with one command
This example sets two simple targets with one command. In this example, both targets are AWS Lambda functions, but the two targets could be different AWS services as well.
Sample Request
POST / HTTP/1.1
Host: events.<region>.<domain>
x-amz-Date: <Date>
Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=content-type;date;host;user-agent;x-amz-date;x-amz-target;x-amzn-requestid, Signature=<Signature>
User-Agent: <UserAgentString>
Content-Type: application/x-amz-json-1.1
Content-Length: <PayloadSizeBytes>
Connection: Keep-Alive
X-Amz-Target: AWSEvents.PutTargets
{
"Rule": "test",
"Targets": [
{
"Id": "MyTargetId",
"Arn": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction"
}
{
"Id": "MyTargetId2",
"Arn": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction2"
}
]
}Specifying another account as a target
This example shows cross-account event delivery. The target being added is the event
bus of a separate AWS account, which has the AWS account ID
of 444455556666.
Note
Input, InputPath, and InputTransformer are
not available with PutTarget if the target is an event bus of a different
AWS account.
Sample Request
POST / HTTP/1.1
Host: events.<region>.<domain>
x-amz-Date: <Date>
Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=content-type;date;host;user-agent;x-amz-date;x-amz-target;x-amzn-requestid, Signature=<Signature>
User-Agent: <UserAgentString>
Content-Type: application/x-amz-json-1.1
Content-Length: <PayloadSizeBytes>
Connection: Keep-Alive
X-Amz-Target: AWSEvents.PutTargets
{
"Rule": "producer-rule",
"Targets": [
{
"Id": "CrossAccountTargetId",
"Arn": "arn:aws:events:us-east-1:444455556666:event-bus/default"
}
]
}Adds a API Gateway API as a target
This example targets an API Gateway API with static and dynamic HTTP parameters.
Note
HTTP parameters with static values are passed through to API Gateway as-is. If you provide a JSON Path (prefixed with "$."), it will be dynamically replaced at runtime with a value from the event payload (before input transformation).
Sample Request
POST / HTTP/1.1
Host: events.<region>.<domain>
x-amz-Date: <Date>
Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=content-type;date;host;user-agent;x-amz-date;x-amz-target;x-amzn-requestid, Signature=<Signature>
User-Agent: <UserAgentString>
Content-Type: application/x-amz-json-1.1
Content-Length: <PayloadSizeBytes>
Connection: Keep-Alive
X-Amz-Target: AWSEvents.PutTargets
{
"Rule": "test",
"Targets":
[
{
"Id": "testTargetId",
"Arn": "arn:aws:execute-api:us-east-1:444455556666:py1kl011je/testStage/POST/path1/*/path2/*",
"RoleArn": "arn:aws:iam::415653183693:role/APIGatewayPOC",
"HttpParameters":
{
"PathParameterValues": ["pp1Val", "pp2Val"],
"HeaderParameters": {"hp1": "hp1Val", "hp2": "$.detail.header"},
"QueryStringParameters": {"qsp1": "qsp1Val", "qsp2": "$.source"}
}
}
]
}See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
