Cargando...
Cargando...
Decouple everything — route events from AWS, SaaS, and custom apps to any target without writing glue code
AWS EventBridge is a fully managed, serverless event bus that enables event-driven architectures by routing events from AWS services, integrated SaaS applications, and custom applications to targets like Lambda, Step Functions, SQS, SNS, and more. It supports schema discovery, event archiving and replay, pipes for point-to-point integrations, and a global event bus for cross-account and cross-region routing. EventBridge decouples producers from consumers, allowing independent scaling and evolution of each component.
Route and filter events from any source to any target in a fully managed, serverless, pay-per-event model — enabling loosely coupled, event-driven architectures at scale
Use When
Avoid When
Default Event Bus
Automatically receives events from AWS services. Cannot be deleted. Present in every account/region.
Custom Event Buses
Create isolated buses per domain, team, or application. Support resource-based policies for cross-account access.
Partner Event Buses (SaaS)
Receive events directly from SaaS partners (Zendesk, Shopify, PagerDuty, etc.) without polling or custom connectors.
Event Pattern Filtering
Rules use JSON-based event patterns with prefix, suffix, numeric, exists, anything-but, and IP address matching.
Content-Based Filtering
Filter on any field in the event payload — not just metadata. Supports complex nested conditions.
Input Transformation
Transform event payload before delivering to target using InputPath, InputTransformer, and InputTemplate.
Schema Registry & Discovery
Auto-discover schemas from events; generate code bindings in Java, Python, TypeScript. Must be explicitly enabled.
Archive & Replay
Archive events from default/custom buses; replay to re-process historical events. Not available for partner buses.
EventBridge Pipes
Point-to-point integration with filtering, enrichment (Lambda/Step Functions/API GW), and batching. Reduces boilerplate code.
EventBridge Scheduler
Dedicated scheduling service supporting millions of schedules, one-time or recurring, with flexible time windows and timezone support.
Cross-Account Event Routing
Use resource-based policies on event buses to allow other accounts to send events. Central event bus pattern for multi-account architectures.
Cross-Region Event Routing
Route events to event buses in other AWS regions. Incurs data transfer costs.
Dead-Letter Queue (DLQ)
SQS DLQ per target for capturing failed deliveries after retry exhaustion.
API Destinations
Send events to any HTTP/HTTPS endpoint (external APIs, webhooks) with connection-level auth (OAuth, API key, Basic).
Global Endpoints
Route events across regions for high availability and disaster recovery of event-driven applications.
VPC Endpoints (PrivateLink)
Send events to EventBridge from within a VPC without traversing the public internet.
CloudTrail Integration
EventBridge can trigger rules based on CloudTrail API call events for compliance and security automation.
At-least-once delivery
EventBridge guarantees at-least-once delivery — consumers must be idempotent.
Exactly-once delivery
EventBridge does NOT guarantee exactly-once delivery. Use idempotency keys in your consumers.
Strict message ordering
EventBridge does not guarantee event ordering. Use SQS FIFO or Kinesis if ordering is required.
Event-Driven Function Invocation
high freqLambda is the most common EventBridge target. Rules filter events and invoke Lambda functions asynchronously. Use for lightweight transformations, notifications, or triggering workflows. Lambda receives the full event JSON.
Event-Triggered Orchestration
high freqEventBridge triggers Step Functions state machines in response to events. Ideal for long-running, multi-step workflows that need coordination, retries, and state management beyond what Lambda alone can provide.
Event Fan-Out with Buffering
high freqRoute events to SQS for decoupled, buffered processing. Consumers pull from SQS at their own pace. Combine with a DLQ for failed message handling. Use SQS FIFO as a target when ordering matters downstream.
Broadcast Fan-Out Beyond 5 Targets
high freqWhen a rule needs to fan out to more than 5 targets, route to SNS as one target, then use SNS subscriptions to reach unlimited consumers. Classic pattern for pub/sub at scale.
Security & Compliance Automation
high freqCloudTrail logs API calls → EventBridge detects specific API events (e.g., unauthorized IAM changes, security group modifications) → Lambda auto-remediates. Core pattern for Security Hub and GuardDuty integrations.
Central Event Bus (Multi-Account)
high freqIn AWS Organizations, spoke accounts send events to a central security/operations account event bus using resource-based policies. The central bus aggregates events for monitoring, auditing, and response.
S3 Event Notification via EventBridge
high freqEnable EventBridge notifications on S3 buckets to receive all S3 events through EventBridge (vs. S3 native notifications to SNS/SQS/Lambda). Provides richer filtering, multiple targets, and archive/replay capabilities.
High-Throughput Event Streaming
medium freqRoute EventBridge events to Kinesis for high-throughput, ordered, replay-capable streaming. Useful when downstream consumers need ordered processing or multiple independent consumers reading the same stream.
Infrastructure Event Automation
medium freqEC2 state change events (start, stop, terminate) trigger EventBridge rules that invoke SSM Run Command or Automation documents for configuration management, patching, or compliance enforcement.
API Destinations (Outbound Webhooks)
medium freqEventBridge API Destinations push events to external HTTP endpoints (third-party SaaS, webhooks) with built-in auth (OAuth2, API key). Replaces custom Lambda webhook forwarders.
Change Data Capture (CDC) Pipeline
medium freqEventBridge Pipes connects DynamoDB Streams directly to Lambda (or other targets) with built-in filtering and optional enrichment. Eliminates custom polling Lambda functions for CDC use cases.
Scheduled Task Execution at Scale
medium freqEventBridge Scheduler replaces CloudWatch Events cron rules for scheduling. Supports millions of independent schedules, one-time future invocations, and flexible time windows — ideal for per-customer scheduled jobs.
EventBridge rules on the DEFAULT event bus automatically receive events from AWS services — no configuration needed on the producer side. You only configure the RULE (filter) and TARGET.
A rule can have a MAXIMUM of 5 targets. If you need to fan out to more consumers, use SNS as one target and let SNS handle the broader distribution — this is the canonical exam answer for 'more than 5 targets' scenarios.
EventBridge guarantees AT-LEAST-ONCE delivery, NOT exactly-once. Always design consumers to be idempotent. This is a critical architectural requirement that appears in scenario-based questions.
EventBridge does NOT guarantee event ordering. If downstream processing requires ordered events, route to Amazon Kinesis Data Streams or SQS FIFO as the target, then process from there.
Maximum 5 targets per rule — for broader fan-out, route to SNS as one target and use SNS subscriptions for unlimited consumers
EventBridge guarantees AT-LEAST-ONCE delivery (not exactly-once) — all consumers MUST be idempotent to handle duplicate events safely
EventBridge does NOT guarantee event ordering — use Kinesis Data Streams or SQS FIFO as targets when ordered processing is required downstream
EventBridge Schema Registry must be EXPLICITLY ENABLED — it does not auto-discover schemas by default. Enabling it allows code binding generation for Java, Python, and TypeScript, which accelerates event-driven development.
Archive and Replay is NOT available for Partner Event Buses (SaaS integrations). It only works with the default event bus and custom event buses you create.
EventBridge Pipes is for POINT-TO-POINT integrations (one source → one target with optional filter/enrich). EventBridge Rules are for BROADCAST/FAN-OUT (one event → up to 5 targets). Know when to use each.
To enable cross-account event routing, add a RESOURCE-BASED POLICY on the DESTINATION event bus (not the source). The source account's rule then targets the destination bus ARN. This is the correct direction of permission.
EventBridge Scheduler is the preferred replacement for CloudWatch Events scheduled rules when you need millions of independent schedules, per-customer scheduling, or one-time future invocations. Use Scheduler for scale; use Rules for simple recurring patterns.
API Destinations allow EventBridge to call ANY external HTTP/HTTPS endpoint with built-in authentication support (OAuth2 client credentials, API key, Basic auth). This eliminates the need for a Lambda 'webhook forwarder' function.
When S3 EventBridge notifications are enabled on a bucket, ALL S3 events flow through EventBridge — giving you richer filtering (content-based), multiple targets, archive/replay, and cross-account routing that native S3 notifications cannot provide.
The maximum event size is 256 KB. For payloads larger than this, store the data in S3 and include only the S3 object reference (bucket + key) in the EventBridge event. This is the standard pattern for large payload event-driven architectures.
Input Transformation lets you reshape the event payload BEFORE it reaches the target — you can extract specific fields, add static values, and restructure JSON. This avoids needing a Lambda function just to reformat data.
Common Mistake
EventBridge and CloudWatch Events are completely separate services with different features
Correct
EventBridge IS the evolution of CloudWatch Events. The default event bus in EventBridge IS the same infrastructure as CloudWatch Events. CloudWatch Events API still works but EventBridge is the preferred service going forward. They share the same default event bus.
Exam questions may reference 'CloudWatch Events' in scenarios — recognize that EventBridge rules on the default bus are the answer. Candidates who treat them as entirely separate services get confused about which service receives AWS service events.
Common Mistake
EventBridge can replace Kinesis Data Streams for high-throughput, ordered event streaming
Correct
EventBridge is NOT a streaming service. It has throughput limits, does not guarantee ordering, and has higher per-event latency than Kinesis. For high-throughput (millions of events/sec), ordered, or replay-required streaming, use Kinesis Data Streams. EventBridge is for event routing and integration, not data streaming.
This is a critical architectural decision point on Solutions Architect exams. The keywords 'ordered', 'high throughput', 'streaming', and 'multiple consumers reading same stream' should trigger Kinesis, not EventBridge.
Common Mistake
A single EventBridge rule can trigger unlimited targets for maximum fan-out
Correct
A single EventBridge rule supports a MAXIMUM of 5 targets. For broader fan-out, use SNS as one of those targets and leverage SNS subscriptions for unlimited consumers. Alternatively, use multiple rules with the same event pattern.
The 5-target limit appears directly in exam scenario questions. Candidates who don't know this limit will choose architecturally incorrect answers. The SNS fan-out workaround is the canonical exam answer.
Common Mistake
EventBridge automatically discovers and registers event schemas without any configuration
Correct
Schema discovery must be EXPLICITLY ENABLED per event bus. It is OFF by default. Once enabled, EventBridge automatically discovers schemas from events flowing through the bus and registers them in the Schema Registry.
Exam questions about schema discovery will include a 'what additional step is required' component. The answer is always 'enable schema discovery on the event bus.' Candidates assume it's automatic because the feature exists.
Common Mistake
EventBridge delivers each event exactly once, so consumers don't need to handle duplicates
Correct
EventBridge provides AT-LEAST-ONCE delivery guarantees, meaning duplicates CAN occur. All consumers must be designed to be idempotent (safe to process the same event multiple times). Use idempotency keys, conditional writes, or deduplication logic.
This is a fundamental distributed systems concept tested on all AWS certifications. Candidates who assume exactly-once delivery design fragile systems. The exam will present scenarios where duplicate processing causes data corruption and ask how to prevent it.
Common Mistake
EventBridge Pipes and EventBridge Rules are interchangeable — use either for any integration
Correct
Pipes are for POINT-TO-POINT integrations: one source (SQS, Kinesis, DynamoDB Streams, Kafka) → optional filter → optional enrichment → one target. Rules are for EVENT ROUTING/FAN-OUT: one event pattern → up to 5 targets. They solve different problems and are not interchangeable.
As Pipes is a newer feature, exam questions increasingly test whether candidates know when to use Pipes vs. Rules. The key differentiator: Pipes has enrichment capability (Lambda/Step Functions/API GW) built-in; Rules do not.
Common Mistake
Archive and Replay works with all event bus types including partner (SaaS) event buses
Correct
Archive and Replay is ONLY available for the default event bus and CUSTOM event buses. Partner event buses (receiving events from SaaS providers like Zendesk, Shopify) do NOT support Archive and Replay.
Exam scenarios about SaaS integration + replay requirements will test this limitation. The correct answer for replaying SaaS events would involve storing them in S3 or DynamoDB via a rule, then replaying from storage — not using EventBridge Archive.
Common Mistake
To allow another AWS account to send events to your event bus, you configure permissions on the SOURCE account
Correct
Cross-account event routing is controlled by a RESOURCE-BASED POLICY on the DESTINATION event bus. The destination account grants the source account permission to call PutEvents on its bus. The source account then creates a rule with the destination bus ARN as the target.
This is the same model as S3 bucket policies, KMS key policies, and Lambda resource policies — permissions are on the resource being accessed. Candidates who think in terms of IAM identity policies (on the source) get this backwards.
RULE = Route-Until-Lambda-Executes: EventBridge Rules ROUTE events to up to 5 targets
PIPE = Point-to-point Integration with Processing and Enrichment: One source, one target, filter in the middle
5 TARGETS MAX — remember '5 fingers on one hand' — a rule can reach 5 targets, use SNS to grow more
At-Least-Once = Always Idempotent: If EventBridge can deliver twice, your consumer must handle it twice safely
DEFAULT bus = FREE AWS events; CUSTOM bus = YOU pay per event via PutEvents API
Schema Discovery: 'Discover requires a Decision' — you must DECIDE to enable it; it won't auto-discover by default
SCHEDULER vs RULES: Scheduler = Scale (millions of individual schedules); Rules = Simple recurring patterns
CertAI Tutor · · 2026-02-21
In the Same Category
Comparisons
Guides & Patterns