Slack Slash Commands with AWS Lambda

Introduction

Incorporating Lambda functionality into your Slack opens endless possibilities for automation. 

The commands may provide a quick method to store the information such as "/todo" and "/memo" as well as very sophisticated methods to "/deploy" some code, or "/reserve" assets. 

With some additional work, the commands such as "/predict" or "/classify" could call on machine learning models. 

The options are truly unlimited and can serve your team, or you individually. 

If you constantly add the new automation skills to your repertoire,  it is going to give you that extra "edge" in the hyper-competitive world.

For ideas on constantly building your set of skills, read my article on Singularity on Medium.com.


Basic Architecture


  • The individual user, or a team, interact with the Slack client app or website.
  • The particular Slack team is identified by a unique token
  • The commands are identified by a leading /slash
  • The AWS API Gateway is able to provide:
    • monetization for the API
    • DDOS attack protection
    • throttling the frequency of received API calls
  • There can be an AWS Lambda function to verify the token and delegate tasks which might limit the security exposure of the system
  • AWS Lambda functions fulfill a very particular skill and connect to other AWS services or APIs as needed. 
  • Over many years you can have thousands of skills that you could progressively perfect and monetize 




Cost Considerations


  • AWS API Gateway costs $3.50 per month per million requests. The first million is free.
  • AWS Encryption costs about $1 per month


Create an AWS "IAM" role for this service



Create role step 1


select Lambda




Create role step 2a


Search and select "AWSLambdaBasicExecutionRole"



Create role step 2b


Search and select "AmazonDynamoDBFullAccess"


Create role step 3


Name the role












Go to the Slack you are an ADMINISTRATOR for:
e.g. https://ukidlucas.slack.com/apps

Search for "Slash Commands"



https://ukidlucas.slack.com/apps/[....]-slash-commands

It should display something like:




Click "Add Configuration"

Choose a Command: "/HelloWorld"

Click "Add Slash Command Integration"

From the "Outgoing Data" copy token=LONG_ALPHA_NUMERIC

Save the token value for next step.














Open AWS new Lambda with "slack-echo-command-python" blueprint

You can search and navigate to this blueprint, or click the link below.




Lambda Function: Basic Information



















Updating "Execution Role"



  • At first, the created role was not available, but later when I edited the Lambda Function it showed up:














Lambda Function: Slack Token


  • Paste the previously saved Slack token













Configuring Triggers: API name























Save the Lambda Function



  • Click on the "API Gateway" trigger block
  • Copy the API endpoint URL 
  • Paste that URL into the Slack 
  • Save the Slack Configuration



Try Calling the /helloworld from Slack

slackbot [10:12 AM]
Darn - that slash command didn't work (error message: `502_service_error`). Manage the command at text.

Go to AWS CloudWatch (your logs) by clicking Monitoring

https://console.aws.amazon.com/cloudwatch/





You can see that the initialization error has occurred having to do with Encryption


The extra level of encryption using KMS:


Set the token value as the "kmsEncryptedToken" value

Create Customer Master Key (CMK):






References