This is an opinionated implementation which maps an SNS topic name to a Slack channel. It uses a single Slack webhook URL and overrides the Slack username, icon, and emoji.
-
Navigate to https://.slack.com/services/new
-
Search for and select "Incoming WebHooks".
-
Choose the default channel where messages will be sent and click "Add Incoming WebHooks Integration".
-
Copy the webhook URL from the setup instructions and use it in the next section.
-
Name the integration something meaningful like AWS Lambda sns-to-slack.
-
Create a KMS key - http://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html.
-
Encrypt the event collector token using the AWS CLI.
$ aws kms encrypt --key-id alias/<KMS key name> --plaintext "<SLACK_HOOK_URL>"Note: You must exclude the protocol from the URL (e.g. "hooks.slack.com/services/abc123").
- Copy the base-64 encoded, encrypted key (CiphertextBlob) and add it to the
encrypted_webhook_urlkey in the next section.
Copy config.json.example to config.json and update the encrypted_webhook_url key to the encrypted Slack URL that you copied above.
Slack channels have a limit of 21 characters.
You'll want to namespace your channels accordingly.
channel_map setting is the mapping from the SNS topic name to the channel name.
- Alerts get the ๐ฅ
:fire:emoji. - Events get the ๐ฐ๏ธ
:mantelpiece_clock:emoji.
I will be changing this to me more configurable, too.
There are some Pythonic ways of developing and testing AWS Lambda functions locally, but I haven't used them (yet). In the meantime, a simplistic test is:
python lambda_function.pyThe Lambda Function can be named whatever you like. Installing/updating the Lambda Function can be done using the AWS CLI. There are more Pythonic ways of doing so however.
You can do all of this via the AWS Lambda console, but if you are more automation oriented a rough outline of steps follows:
The Lambda function requires an IAM Role to execute. You can create this in the AWS IAM console or the AWS CLI.
$ aws iam create-role --role-name lambda_basic_execution --assume-role-policy-document '{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}'To permit the IAM Role above to execute and put logs in CloudWatch Logs:
aws iam put-role-policy --role-name lambda_basic_execution --policy-name lambda_basic_execution --policy-document '{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "arn:aws:logs:*:*:*"
}
]
}'The Role name lambda_basic_execution is created by the AWS Lambda console.
The ARN: arn:aws:iam::<AWS_ACCOUNT_ID>:role/lambda_basic_execution
If you using a virtualenv (you should), then the following command will upload a .zip file of the SNS-to-Slack Lambda function using the AWS CLI and a credential profile named my_profile:
zip -u sns-to-slack.zip lambda_function.py config.json
pushd $VIRTUAL_ENV/lib/python2.7/site-packages
zip -u -r $OLDPWD/sns-to-slack.zip . --exclude pip\* --exclude setuptools\*
popdaws lambda create-function \
--function-name sns-to-slack \
--runtime python2.7 \
--role arn:aws:iam::<AWS_ACCOUNT_ID>:role/lambda_basic_execution \
--handler lambda_function.lambda_handler \
--zip-file fileb://./sns-to-slack.zip \
--description "Send SNS events to Slack" \
--memory-size 128 \
--timeout 3aws lambda update-function-code \
--function-name function:sns-to-slack \
--zip-file fileb://./sns-to-slack.zipaws lambda create-alias \
--function-name sns-to-slack \
--description "development version" \
--function-version "\$LATEST" \
--name developmentaws lambda publish-version \
--function-name sns-to-slackhttps://docs.aws.amazon.com/lambda/latest/dg/python-lambda.html https://docs.aws.amazon.com/lambda/latest/dg/lambda-python-how-to-create-deployment-package.html https://docs.aws.amazon.com/lambda/latest/dg/versioning-aliases.html
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent