|
| 1 | +# aws-backup-integration-slack-go |
| 2 | + |
| 3 | +**UNDER DEVELOPMENT** |
| 4 | + |
| 5 | +AWS Lambda function that listens to **AWS Backup** events via **Amazon |
| 6 | +EventBridge** and publishes clean, threaded messages to Slack. |
| 7 | + |
| 8 | +## Features |
| 9 | + |
| 10 | +* **native eventbridge trigger** – Backup events invoke the function directly |
| 11 | +* **rich slack threads** – each finding opens a thread with severity, region, |
| 12 | + account and a “view in console” button |
| 13 | +* **config-driven** – all behavior controlled by environment variables |
| 14 | + |
| 15 | +--- |
| 16 | + |
| 17 | +## Deployment |
| 18 | + |
| 19 | +### Prerequisites |
| 20 | + |
| 21 | +* AWS account with AWS Backup enabled in at least one region |
| 22 | +* Slack App with a Bot Token (`chat:write` scope) installed in your workspace |
| 23 | +* Go ≥ 1.24 |
| 24 | +* AWS CLI configured for the deployment account |
| 25 | + |
| 26 | +### Steps |
| 27 | + |
| 28 | +```bash |
| 29 | +git clone https://github.com/cruxstack/aws-backup-integration-slack.git |
| 30 | +cd aws-backup-integration-slack |
| 31 | + |
| 32 | +# build static Linux binary for lambda |
| 33 | +GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o bootstrap |
| 34 | + |
| 35 | +# package |
| 36 | +zip deployment.zip bootstrap |
| 37 | +``` |
| 38 | + |
| 39 | +## Required Environment Variables |
| 40 | + |
| 41 | +| name | example | purpose | |
| 42 | +| --------------------- | ------------------------------------------ | ------------------------------------------------------------ | |
| 43 | +| `APP_SLACK_TOKEN` | `xoxb-…` | slack bot token (store in secrets manager) | |
| 44 | +| `APP_SLACK_CHANNEL` | `C000XXXXXXX` | channel id to post findings | |
| 45 | +| `APP_DEBUG_ENABLED` | `true` | verbose logging & event dump | |
| 46 | + |
| 47 | +## Create Lambda Function |
| 48 | + |
| 49 | +1. **IAM role** |
| 50 | + * `AWSLambdaBasicExecutionRole` managed policy |
| 51 | + * no additional AWS API permissions are required |
| 52 | +2. **Lambda config** |
| 53 | + * Runtime: `al2023provided.al2023` (provided.al2 also works) |
| 54 | + * Handler: `bootstrap` |
| 55 | + * Architecture: `x86_64` or `arm64` |
| 56 | + * Upload `deployment.zip` |
| 57 | + * Set environment variables above |
| 58 | +3. **EventBridge rule** |
| 59 | + ```json |
| 60 | + { |
| 61 | + "source": ["aws.backup"], |
| 62 | + "detail-type": ["Backup Job State Change"] |
| 63 | + } |
| 64 | + ``` |
| 65 | + Target: the Lambda function. |
| 66 | +4. **Slack App** |
| 67 | + * Add `chat:write` and `chat:write.public` |
| 68 | + * Custom bot avatar: upload AWS Backup logo in the Slack App *App Icon* |
| 69 | + section. |
| 70 | + |
| 71 | + |
| 72 | +## Local Development |
| 73 | + |
| 74 | +### Test with Samples |
| 75 | + |
| 76 | +```bash |
| 77 | +cp .env.example .env # edit the values |
| 78 | +go run . |
| 79 | +``` |
| 80 | + |
| 81 | +The sample runner replays `fixtures/samples.json` and posts to Slack exactly as |
| 82 | +the live Lambda would. |
| 83 | + |
0 commit comments