DEV Community

Elham Najeebullah
Elham Najeebullah

Posted on

Create a Lambda function that responds to CloudWatch Alarm actions

To create a Lambda function that responds to CloudWatch Alarm actions and modifies AWS resources accordingly, you can follow these steps.

This guide will demonstrate creating a Lambda function in Node.js that can stop EC2 instances as a response to an alert, but the concept can be extended to other resources and actions (e.g., modifying or terminating resources).


  • AWS CLI installed and configured.
  • Basic knowledge of AWS services (Lambda, CloudWatch, EC2).
  • Node.js installed locally if you wish to test the script outside of AWS initially.

Step 1: Create an IAM Role for Lambda

  1. IAM Console: Go to the IAM console in AWS.
  2. Create Role: Select "Lambda" as the service that will use this role.
  3. Attach Policies: Attach policies that grant the necessary permissions. For stopping EC2 instances, attach the AmazonEC2FullAccess policy. In a production environment, you should create a custom policy with more restricted permissions.
  4. Review and Create: Name your role (e.g., LambdaEC2ManagementRole) and create it.

Step 2: Create the Lambda Function

  1. Lambda Console: Go to the AWS Lambda console and choose "Create function".
  2. Configuration:
    • Name your function (e.g., StopEC2Instances).
    • Select Node.js as the runtime.
    • Choose the IAM role created in Step 1.

Function Code: Use the AWS SDK for JavaScript in Node.js. Below is a simple example that stops a specific EC2 instance when triggered. Replace 'INSTANCE_ID' with the actual instance ID you want to stop.

const AWS = require('aws-sdk');
const ec2 = new AWS.EC2();

exports.handler = async (event) => {
    console.log("Event: ", JSON.stringify(event, null, 2));

    const params = {
        InstanceIds: ['INSTANCE_ID'], // Replace with your instance ID
        DryRun: false

    try {
        const data = await ec2.stopInstances(params).promise();
        console.log("Success", JSON.stringify(data, null, 2));
    } catch (err) {
        console.error("Error", err);
Enter fullscreen mode Exit fullscreen mode

Deploy: After entering your code, deploy the Lambda function.

Step 3: Configure CloudWatch Alarm or AWS Budgets to Trigger Lambda

  • For CloudWatch Alarms: Navigate to the CloudWatch console, create or select an existing alarm, and specify the Lambda function as the action for the alarm state (e.g., "In Alarm").

  • For AWS Budgets Alerts:

    • Go to the AWS Budgets console.
    • Create a budget or select an existing one.
    • In the "Alerts" section, add a new alert.
    • Set the alert to publish to an SNS topic.
    • Subscribe the Lambda function to the SNS topic either through the Lambda console or the SNS console.

Step 4: Testing and Verification

  • Invoke Manually: Initially, you might want to invoke the Lambda function manually with a test event to ensure it operates as expected without waiting for an alarm.
  • Monitor Logs: Check the CloudWatch Logs for your Lambda function to verify it's being triggered and is executing correctly.
  • Trigger Alarm: To fully test the integration, you can configure conditions that trigger the CloudWatch Alarm or exceed your AWS Budgets threshold to ensure the Lambda function is invoked automatically.

Top comments (0)