AWS Chatbot not publishing to Slack
I am trying to create a chatbot using CloudFormation. When I test it by creating a message in the Notification Topic, nothing is posted to Slack.
notifications.yml
AWSTemplateFormatVersion: 2010-09-09
Transform:
  - AWS::Serverless-2016-10-31
Parameters:
  Team:
    Type: String
  Environment:
    Type: String
  Domain:
    Type: String
  Channel:
    Type: String
  Workspace:
    Type: String
Resources:
  PipelineNotificationTopic:
    Type: AWS::SNS::Topic
    Properties:
      Tags:
        - Key: Domain
          Value: "CICD"
        - Key: Team
          Value: "Engineering"
      TopicName: "PipelineStatus"
  PipelineEventRule:
    Type: AWS::Events::Rule
    Properties:
      Description: "PipelineEventRule"
      EventPattern:
        source:
          - "aws.codepipeline"
        detail-type:
          - "CodePipeline Pipeline Execution State Change"
        detail:
          state:
            - STARTED
            - CANCELED
            - FAILED
            - SUCCEEDED
      State: "ENABLED"
      Targets:
        - Arn:
            Ref: PipelineNotificationTopic
          Id: "PipelineNotificationTopic"
  SlackBot:
    Type: AWS::Chatbot::SlackChannelConfiguration
    Properties:
      ConfigurationName: !Sub ${Team}-${Environment}-${Domain}
      IamRoleArn: !GetAtt Role.Arn
      SlackChannelId: !Ref Channel
      SlackWorkspaceId: !Ref Workspace
      SnsTopicArns:
        - !Ref PipelineNotificationTopic
  Role:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal:
              Service: chatbot.amazonaws.com
            Action: sts:AssumeRole
      Policies:
        - PolicyName: Events
          PolicyDocument:
            Version: 2012-10-17
            Statement:
              - Effect: Allow
                Action:
                  - "events:*"
                Resource:
                  - "*"
You need to authorize the Slack channel to listen to the published SNS notifications. See link [1] for more information on a step-by-step. Also, I would take their advice and open up IAM permissions using Amazon's pre-defined roles. (Like AWS-Chatbot-NotificationsOnly-Policy, AWS-Chatbot-LambdaInvoke-Policy, AWS-Chatbot-ReadOnly-Commands-Policy - If you think they are too permissive, you can dial them back with custom policies once you get it working). More information on that at link [2].
[1] https://docs.aws.amazon.com/chatbot/latest/adminguide/getting-started.html
[2] https://docs.aws.amazon.com/chatbot/latest/adminguide/getting-started.html#editing-iam-roles-for-chatbot