Skip to content

Module to enable Chatbot Slack channel configuration in Terraform

License

Notifications You must be signed in to change notification settings

VerticeOne/fork-terraform-aws-chatbot-slack-configuration

Repository files navigation

Description

This module is a bit of a hack around the fact that AWS Chatbot managed to launch without API support (which means no native Terraform support) but does support configuration via Cloudformation. Behind the scenes this module is launching a Cloudformation stack on your behalf and managing things that way.

Usage

Basic Configuration

locals {
  chatbot_logging_level      = "INFO"
  chatbot_slack_workspace_id = "T024F6QTP"

  chatbot_tags = {
    Automation     = "Terraform + Cloudformation"
    Terraform      = true
    Cloudformation = true
  }
}

data "aws_iam_role" "chatbot" {
  name = "Wave__AwsChatBot"
}

data "aws_sns_topic" "serverless_sumologic_convox_scylla_pipeline_notifications" {
  name = "serverless-sumologic-convox-scylla-pipeline-notifications"
}

module "chatbot_slack_configuration" {
  source  = "waveaccounting/chatbot-slack-configuration/aws"
  version = "1.1.0"

  configuration_name = "config-name"
  iam_role_arn       = data.aws_iam_role.chatbot.arn
  slack_channel_id   = "ABCDEADF"
  slack_workspace_id = local.chatbot_slack_workspace_id

  sns_topic_arns = [
    data.aws_sns_topic.serverless_sumologic_convox_scylla_pipeline_notifications.arn,
  ]

  tags = local.chatbot_tags
}

Logging all events

module "chatbot_slack_configuration" {
  source  = "waveaccounting/chatbot-slack-configuration/aws"
  version = "1.1.0"

  configuration_name = "config-name"
  iam_role_arn       = data.aws_iam_role.chatbot.arn
  logging_level      = local.chatbot_logging_level
  slack_channel_id   = "ABCDEADF"
  slack_workspace_id = local.chatbot_slack_workspace_id

  sns_topic_arns = [
    data.aws_sns_topic.serverless_sumologic_convox_scylla_pipeline_notifications.arn,
  ]

  tags = local.chatbot_tags
}

Configuring channel guardrails and user role required

module "chatbot_slack_configuration" {
  source  = "waveaccounting/chatbot-slack-configuration/aws"
  version = "1.1.0"

  configuration_name = "config-name"
  iam_role_arn       = data.aws_iam_role.chatbot.arn
  logging_level      = local.chatbot_logging_level
  slack_channel_id   = "ABCDEADF"
  slack_workspace_id = local.chatbot_slack_workspace_id

  guardrail_policies = ["arn:aws:iam::aws:policy/ReadOnlyAccess"]
  user_role_required = true

  sns_topic_arns = [
    data.aws_sns_topic.serverless_sumologic_convox_scylla_pipeline_notifications.arn,
  ]

  tags = local.chatbot_tags
}

Requirements

Name Version
terraform >= 0.12

Providers

Name Version
aws n/a
local n/a

Inputs

Name Description Type Default Required
configuration_name The name of the configuration. any n/a yes
guardrail_policies The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set. list(string)
[
"arn:aws:iam::aws:policy/AdministratorAccess"
]
no
iam_role_arn The ARN of the IAM role that defines the permissions for AWS Chatbot. This is a user-defined role that AWS Chatbot will assume. This is not the service-linked role. For more information, see IAM Policies for AWS Chatbot. any n/a yes
logging_level Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs. Logging levels include ERROR, INFO, or NONE. string "ERROR" no
slack_channel_id The ID of the Slack channel. To get the ID, open Slack, right click on the channel name in the left pane, then choose Copy Link. The channel ID is the 9-character string at the end of the URL. For example, ABCBBLZZZ. any n/a yes
slack_workspace_id The ID of the Slack workspace authorized with AWS Chatbot. To get the workspace ID, you must perform the initial authorization flow with Slack in the AWS Chatbot console. Then you can copy and paste the workspace ID from the console. For more details, see steps 1-4 in Setting Up AWS Chatbot with Slack in the AWS Chatbot User Guide. any n/a yes
sns_topic_arns The ARNs of the SNS topics that deliver notifications to AWS Chatbot. list(string) n/a yes
tags Additional tags (e.g. map('BusinessUnit','XYZ') map(string) {} no
user_role_required Enables use of a user role requirement in your chat configuration. bool false no

Outputs

Name Description
configuration_arn The ARN of the Chatbot Slack configuration
stack_id The unique identifier for the stack.

About

Module to enable Chatbot Slack channel configuration in Terraform

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published