Slackbot using AWS Lamdba, DynamoDB and ECR
- Building the Dockerfile
- Push to Amazon Elastic Container Registry
- Creating an IAM Role for Lamdba function with suitable access permissions
- Integration with Lambda function and API Gateway
- Integration with DynamoDB for message logging
Configure access to AWS credentials using the CLI
aws ecr get-login-password --region <region> | docker login --username AWS --password-stdin <account>.dkr.ecr.<region>.amazonaws.com
Build the current directory into a Docker image
docker build -t slackbot-test .
Add a suitable tag for the created image
docker tag slackbot-test:latest <account>.dkr.ecr.<region>.amazonaws.com/slackbot-test:latest
Once the image is ready, push to Elastic Container Registry
docker push <account>.dkr.ecr.<region>.amazonaws.com/slackbot-test:latest
The following policy serves the purpose to grant access of generating logs and allowing actions on the DynamoDB table that is to be created.
Apply the policy to the role that will serve as the default execution role of the Lambda function that will be used.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "logs:CreateLogGroup",
"Resource": "arn:aws:logs:ap-northeast-2:<account>:*"
},
{
"Effect": "Allow",
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "arn:aws:logs:ap-northeast-2:<account>:log-group:/aws/lambda/slackbot-test:*"
},
{
"Effect": "Allow",
"Action": "dynamodb:*",
"Resource": "arn:aws:dynamodb:ap-northeast-2:<account>:table/todos"
}
]
}
Create a Lambda function using the container image which we previously pushed into our ECR.
Edit the default execution role to use the existing one made earlier, so the Lambda function is given the necessary permissions.
Create an API Gateway (HTTP API is recommended) that integrates the Lambda function we just created and edit the configurated routes to only allow POST methods.
After configuring the API Gateway, the function overview in the Lambda section will look like this.
Create a DynamoDB table with the exact name stated in the policy we created earlier.
It will now be possible to write messages into the DynamoDB table by using the mention function in Slack.
Messages will appear in the DynamoDB table as the below image indicates.