Triggering automation using CloudWatch schedules and events

Although you can trigger automation documents manually, it's far better to either schedule or automate the execution of automation jobs using CloudWatch schedules and events.

Let's first understand how you can leverage CloudWatch events to trigger simple notifications of Systems Manager Automation events. These events can be used to notify you of whether your automation task succeeded, failed, or simply timed out:

1. First, log in to the CloudWatch dashboard. Alternatively, you can open CloudWatch via https://console.aws.amazon.com/cloudwatch/.
2. Next, from the navigation pane, select the Events option to bring up the Create rule page. Here, select Event Pattern from the Event Source section.
3. With this done, we now need to build our event source. To do so, from the Service Name drop-down list, search and select the option EC2 Simple Systems Manager (SSM), as shown here:

1. With the service selected, you can now opt to select a corresponding SSM Event Type as well, for example in this case I wish to be notified when a particular Automation task fails. So in the Event Type drop-down list, I've selected the Automation option. You can alternatively select other SSM services as well.
2. Next, in the detail type section, I've opted to go for the EC2 Automation Execution Status-change Notification option. Correspondingly, I've also selected Failed as the Specific status(es) for my event. This means that if and when a failed status event is generated as a result of an automation job, it will trigger a corresponding action which can be as simple as sending a notification using an SNS service or even triggering a corresponding Lambda function to perform some form of remediation action.
3. Your Event Pattern Preview should resemble something similar to the snippet here:

    {
      "source": [
        "aws.ssm"
      ],
      "detail-type": [
        "EC2 Automation Step Status-change Notification",
        "EC2 Automation Execution Status-change Notification"
      ]
    }
  

Similarly, you can even configure a CRON expression or fixed rate of execution of your automation jobs by selecting the Schedule option in the Event Source section:

1. Provide a suitable Cron expression depending on your requirements, for example, I wish to run the AWS-UpdateLinuxAmi automation document every Sunday at 10 P.M. UTC. In this case, the CRON expression will become 0,18,?,*,SUN,*.
2. With the schedule configured, move on to the Targets section and select the SSM Automation option from the Targets drop-down list as shown in the following screenshot:

1. Next, configure the AWS-UpdateLinuxAmi parameters as we discussed earlier, and once the desired fields are populated, click on Add target* to complete the configuration.

With this step completed, you can now instantaneously trigger your automation jobs based on events as well as schedules, all powered by CloudWatch! Amazing isn't it?

In the next and final section, we will be learning a bit about yet another simple and easy to use SSM service that enables you to manage and patch your instances with ease.