AWS Chatbot | Slack Integration with AWS Service | Send Notification to Slack on S3 Operation

AWS Chatbot is an interactive agent that makes it easy to monitor and interact with your AWS resources in your Slack channels and Amazon Chime chat rooms. 

With AWS Chatbot you can receive alerts, run commands to return diagnostic information, invoke AWS Lambda functions, and create AWS support cases.

Benefits

• Notification in real-time
• Fast Response
• Quick Setup
• Easily define Permission

Amazon Cloudwatch

Amazon CloudWatch is a bound together observing help for AWS administrations and for your cloud applications. Amazon CloudWatch gives perceivability into your AWS assets to screen asset usage, application execution, and operational wellbeing.

Amazon Cloud Trail

AWS CloudTrail is an assistance that empowers administration, consistency, operational examining, and hazard inspecting of your AWS account. CloudTrail gives occasional history of your AWS account action, including activities taken through the AWS Management Console, AWS SDKs, order line apparatuses, and other AWS administrations.

Hands-on 

Here we are implementing the aws chatbot slack alert notifications on S3 operations.

Step 1: First create your account on slack and sign in your workspace

And launch it and also create a new channel.

Step 2 : Go to the aws chatbot click on create and in chat client select slack

-> click on configure client

-> it will take you to the  permission access page -> click on allow 

-> after clicking on allow aws chatbot integrate with the slack workspace

-> you can check workspace detail

Step 3 : Now let create new channel so click on configure new channel

-> enter the required details -> configure name -> Logging – select All events

-> channel type – select public -> and select the channel of your slack workspace which you have created in step 1, here you have all channels available whatever is slack workspace.

-> give the permissions  and IAM role -> if you already have then select it. Otherwise let it be create an IAM role Using a template be selected and give role name -> in Policy templates 

-> create topic as standard -> name it and leave the optional

-> click on create topic

-> SNS topic is created 

-> configure the topic 

-> after clicking on configure our chatbot is configured from SNS topic 

Step 4 : Now set the cloudwatch logs, Rules for event and Alarm -> so click on Rules -> create rule

Step 5 : Event Source -> Event pattern -> Build event pattern to match events by service (here do not select all services if you did then it will cost huge so take of it ) -> Service Name : S3 -> Event type : Bucket Level Operation -> Event type : Any Operation

{

  “source”: [

    “aws.s3”

  ],

  “detail-type”: [

    “AWS API Call via CloudTrail”

  ],

  “detail”: {

    “eventSource”: [

      “s3.amazonaws.com”

    ],

    “eventName”: [

      “DeleteBucket”,

      “DeleteBucketCors”,

      “DeleteBucketLifecycle”,

      “DeleteBucketPolicy”,

      “DeleteBucketReplication”,

      “DeleteBucketTagging”,

      “DeleteBucketWebsite”,

      “CreateBucket”,

      “PutBucketAcl”,

      “PutBucketCors”,

      “PutBucketLifecycle”,

      “PutBucketPolicy”,

      “PutBucketLogging”,

      “PutBucketNotification”,

      “PutBucketReplication”,

      “PutBucketTagging”,

      “PutBucketRequestPayment”,

      “PutBucketVersioning”,

      “PutBucketWebsite”,

      “PutBucketEncryption”,

      “DeleteBucketEncryption”,

      “DeleteBucketPublicAccessBlock”,

      “PutBucketPublicAccessBlock”

    ]

  }

}

Step 6 :  One thing we have to remember while create cloudwatch event rule and alarm it requires CloudTrail logging turned On. So, here you will get the pop up notification

-> let’s move to Cloudtrail and create the trail

Step 7 : Click on create trail

-> Fill the General details  -> in storage location you can select existing bucket also or you can create new bucket also here only

-> in the next step select the enable button in additional settings and select the existing SNS topic -> select the topic which we created – demo-chatbot-topic step-3. 

-> click on create and trail created

Step 8 : Now switch to the cloudwatch page where we left the cloudwatch rule event section and click on create -> Rule created successfully

Step 9 : now it’s time to create alarm -> click  on create alarm 

-> select metric -> next 

-> check the green ticks in storage section, trail section, all ok move next

Step 9 : select the Events 

-> click on By Rule name

-> Select the chatbot-cloudwatch-rule Innovations->

-> follow the steps -> fill the required detail as filled in figure

-> fill the conditions -> threshold type static -> Greater than threshold -> define the threshold value as 0 so that we can get notification alarm at each activity -> click on Next

Step 10 : In the next step we have configure actions -> select Alarm state trigger as In alarm -> Select the existing SNS topic which we created earlier -> click on next

-> in next step add alarm name and description

-> click on next  and at last click on create alarm

-> alarm created successfully ->

-> wait for a minute -> till perform any activity in s3 bucket

-> upload file in bucket ->  check notification in slack workspace here you get an alarm message .

Use case : 

• Trigger Notification to the Slack on Amazon EC2 CPU use spike
• Run AWS Lambda Notify Slack on execution mistakes
• AWS Budget warnings on Slack when it surpasses limit
• Make AWS Support case utilizing Slack
• Gives alert on GuardDuty security threats on Slack
• Trigger Notification to the Slack on AWS CodePipeline blunders
• It also monitor the operations on AWS Systems Manager parameter