Open in app

Sign in

Write

Sign in

Automating AWS Tasks with Lambda and CloudWatch Events

Christopher Adamson
9 min readDec 20, 2023

Automating routine administrative tasks is key to efficiently operating infrastructure and applications in the cloud. However, doing so manually is time-consuming, tedious, and error-prone. AWS offers serverless services like Lambda and CloudWatch Events that allow crafting automated workflows triggered on schedules or system events. In this tutorial, we will leverage these managed services to build self-driving automation for common admin tasks.

We will first create a simple Lambda function to act as our automation agent. Lambda provides the compute infrastructure to run code without thinking about servers. Next, we set up a CloudWatch Events rule that can regularly invoke this Lambda function based on time schedules we define. We can configure cron expressions or rate schedules that suit our needs.

CloudWatch Events sources these scheduled events while Lambda provides the custom logic we wish to execute. As the glue connecting the two, CloudWatch Events will pass runtime parameters from its payload to initialize the target Lambda. Within the Lambda code, we leverage the AWS SDK to call services needed for our particular automation task. This provides native integration without external dependencies. We will examine patterns for instance scheduling, database/storage backups, DNS routing, infrastructure deployments and more using this serverless approach.

Such event-driven automation eliminates human oversight requirements and cuts down idle resource time. Infrastructure automatically scales up and down right when needed. Schedules can be easily tweaked to align to usage patterns. Any failures trigger alerts and retries before manual intervention. By leveraging Lambda and CloudWatch Events together, we will build robust workflows automating many repetitive yet mission-critical administration responsibilities in our cloud environments.

Prerequisites

  • An AWS account
  • Basic understanding of Lambda and CloudWatch Events
  • AWS CLI installed and configured on your machine

Creating a Test Lambda Function

We will first create a simple Lambda function to test out the overall workflow.

  1. In the AWS Lambda console, click “Create function”
  2. Select “Author from scratch”
  3. Name the function “TestFunction”
  4. For Runtime, pick Python 3.7
  5. Click “Create function”
  6. Paste the following code in the index.py file:

This simply prints the input event and returns a greeting message.

7. Click “Deploy” to deploy this code to Lambda.

Creating a CloudWatch Events Rule

Next, we will create a CloudWatch Events rule to trigger this Lambda function on a schedule.

  1. Go to the CloudWatch console and click on “Events” -> “Rules” in the left sidebar.
  2. Click “Create rule”.
  3. Under “Event Source”, select “Schedule”
  4. For schedule expression, specify Cron tab formats like `rate(5 minutes)` or `cron(0 12 * * ? *)`
  5. Under “Targets”, select Lambda function as the target
  6. Pick the “TestFunction” Lambda function we created earlier
  7. Click “Configure details”
  8. Give the rule a name like “TestRule”
  9. Click “Create rule”

Testing Automated Execution

Now that we have set up the CloudWatch rule to trigger the Lambda function, we can verify everything is working as expected.

There are a couple ways to test:

1. Check Lambda Metrics

Go to the Lambda console and select the “TestFunction” on the sidebar. Click into “Metrics” to see graphs of invocations, durations etc.

We should see invocations come through every x minutes/hour depending on the cron schedule configured in the CloudWatch rule. Duration will tell us execution time for each run.

Monitoring these metrics will let us validate scheduled triggers from CloudWatch and capture metrics for the Lambda function over time.

2. Check Lambda Logs

The other option is viewing execution logs for the Lambda function. Go to “Monitor” and select “Logs”.

This log group will contain entries for every function invocation, including automated ones from the CloudWatch rule.

We should be able to see the event payload and output for each execution. For our code, the output would print the input event from CloudWatch Events that triggered the run.

CloudWatch logs give us full visibility into each execution of the Lambda function, whether automated or manual.

3. Test Failures and Alerting

We can also test failures by intentionally breaking something in the Lambda code to trigger an error. Or configure an alert in CloudWatch if there are any failed executions over a period of time.

This helps build reliability and alerting into the automation workflow early on.

Lambda metrics tell us overall invocation trends, logs give visibility into each execution, and testing failures helps validate alerting for errors. Checking each of these will ensure our automation is running properly on schedule before we incorporate actual administration tasks.

Next Steps

Now that we have set up and tested out the overall automation flow, we can replace the test Lambda with actual automation code for tasks like:

Starting/stopping EC2 instances

A common AWS administration task is starting and stopping EC2 and autoscaling instances on a schedule to save costs.

Instead of doing this manually, we can automate the process using Lambda + CloudWatch Events.

The workflow would be:

  1. Create a Lambda function that can start or stop EC2/ASG instances using the AWS SDK
  2. Add logic to read instance IDs or ASG names from parameters, tags, or some other source
  3. Schedule the Lambda function using a CloudWatch Events rule

For example:

We would then create a CloudWatch rule with cron schedules for the morning and evening to invoke this Lambda.

The key benefits are:

  • No manual intervention required allowing optimization of instance running hours
  • Can be applied across dev, test, staging environments easily
  • Schedules can be updated easily without touching EC2s directly
  • Cost saving by running instances only during working hours

Similarly, this approach can also be used for scheduled scaling of ASGs. The Lambda would use the ASG APIs instead to scale up or scale down based on demand patterns.

This demonstrates using Lambda + CloudWatch for infrastructure automation workflows in AWS.

Taking RDS or EBS snapshots

Automating Database and Storage Snapshots

Another common admin task is taking regular backups and snapshots of databases, volumes and storage. Doing this manually is time-consuming and prone to gaps.

We can build automated workflows for RDS database and EBS volume snapshots using Lambda and CloudWatch Events.

The process would be:

  1. Create a Lambda function using RDS and EBS APIs to take snapshots
  2. Identify sources — RDS instances, EBS volumes etc.
  3. Schedule the Lambda function using a CloudWatch Events rule

For example:

We can have the CloudWatch event trigger this daily or weekly to take automated snapshots.

Benefits include:

  • Automated backups as per compliance needs
  • No risk of data loss from storage failures
  • Easy retrieval via snapshot history
  • Improved recovery time objectives

The same approach can be enhanced to delete older snapshots, tag them, or copy across regions/accounts. This provides reliable and efficient storage backup workflows.

Updating Route53 records

AWS Route 53 is a managed DNS service that routes end users to applications across AWS resources. Route 53 records may need periodic updates as resources scale up or down.

We can easily automate this using Lambda functions triggered by CloudWatch events.

The workflow would be:

  1. Create a Lambda to update Route 53 record sets using the AWS SDK
  2. Identify record sets that need periodic changes
  3. Configure CloudWatch events to trigger Lambda on schedule

For example:

This can update records based on private IP addresses of instances in autoscaling groups automatically.

Benefits include:

  • Changes propagate faster after scale events
  • Reduces risk of manual errors
  • Quickly update records across environments
  • Insulates app changes from infrastructure updates

This demonstrates using CloudWatch schedules to drive automated Route 53 workflows.

Automating CloudFormation Stack Operations

AWS CloudFormation allows provisioning infrastructure as code through templates. Complex stacks take time to create or update. Failures can cause rollbacks wasting more time.

We can optimize this by automating CloudFormation operations like deployments, updates or deletions using Lambda triggered by CloudWatch events.

The workflow would be:

  1. Create a Lambda function to execute CLI commands for CloudFormation stacks
  2. Configure triggers from CloudWatch rules based on schedules or time windows
  3. Pass any runtime parameters like stack names, regions etc to the Lambda

For example:

We wrap the AWS CLI in the Lambda function to deploy stacks. Can also call CreateChangeSet, ExecuteChangeSet or DeleteStack based on the action required.

Benefits include:

  • Automated deployments of infrastructure on schedules
  • Parameterization helps update stacks across environments
  • Shift deployments to off-peak timings
  • Auto rollback or redeploy on failures

This demonstrates using CloudWatch Events to drive programmatic automation of CloudFormation stacks across their lifecycle.

Automating AWS Batch Job Execution

AWS Batch enables running batch computing jobs without managing servers. It queues jobs and schedules compute resources.

We can easily set up workflows to trigger AWS Batch jobs on a schedule using Lambda functions and CloudWatch Events.

The process would be:

  1. Create AWS Batch compute environments, job queues and job definitions
  2. Write a Lambda function using the AWS Batch SDK to submit jobs
  3. Use CloudWatch Events to regularly invoke the Lambda and trigger jobs

For example:

We pass job parameters through the CloudWatch event and reuse the Lambda easily for different schedules.

Benefits include:

  • Scheduled execution of data processing workloads
  • Automation frees from manual job submissions
  • Integration with other AWS services through Batch
  • Handles failures, retries, notifications etc.

This demonstrates a pattern for integration between serverless and batch processing jobs.

Executing Custom Administration Scripts

In addition to AWS services, we may have custom scripts and tools used for administration tasks. These could be written in Bash, Python, Perl etc.

We can integrate execution of these scripts into automated workflows using Lambda triggered by CloudWatch Events.

The process would involve:

  1. Package custom scripts with the Lambda function code
  2. Create an execution method to invoke scripts based on runtime parameters
  3. Configure CloudWatch schedule rules to provide parameters and run

For example:

We can pass script names and parameters through CloudWatch events to control executions.

Benefits include:

  • Scheduling tasks like database maintenance, cleanups etc
  • Integrating legacy tools into automated flows
  • Avoid keeping additional servers just for these scripts
  • Common error handling for scripts through Lambda
  • Native integrations with other AWS services

This demonstrates running custom code and scripts in a serverless manner using Lambda and CloudWatch Events.

Conclusion

Through this tutorial, we built multiple automated administration workflows using Lambda triggered by CloudWatch Events. The core pattern leverages these two managed AWS services to execute common infrastructure tasks on a reliable schedule.

We implemented automation across start/stop scheduling of EC2 instances, periodic snapshots for EBS and RDS, keeping Route 53 records up-to-date, automated deployments of CloudFormation stacks, triggering large batch jobs, and integrating custom scripts. The code handles all task logic while CloudWatch Events provides the customizable scheduling component.

Compared to manual processes or Cron jobs on servers, this approach simplifies automation delivery without infrastructure overhead. Everything is handled by AWS services. The integration with service APIs right within Lambda functions enables end-to-end workflows safely operating on cloud resources. Scheduled automation ensures configurations match application state. Cost and performance optimization is continuous in alignment with usage peaks and troughs.

The serverless approach brings automation closer to business requirements rather than operational constraints. Lambda and CloudWatch relieve the complexity so engineers can focus on applications and deliver more value. Automation reduces human-induced errors from repetitive tasks. Scheduling guarantees backups, failovers, and scalability thereby improving SLAs. Events from across AWS keep functions acting on the latest state rather than outdated snapshots.

With the patterns explored in this tutorial, you can now automate many of the mundane yet necessary aspects of operating distributed cloud architectures. AWS frees you to build automation aligned to usage patterns unconstrained by capacity planning. The next step is identifying more use cases within your unique environment that can benefit from scheduled serverless workflows. This will accelerate migrations by making cloud-native management intrinsic.

AWS
Cloud Computing
Lambda
Cloudwatch
Automation

--

--

Christopher Adamson

Written by Christopher Adamson

450 Followers

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams