Last active
January 24, 2018 11:12
-
-
Save sunils34/2f1c43f93f1f42c80c18 to your computer and use it in GitHub Desktop.
Lambda Slack Echo Blueprint
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| This function handles a Slack slash command and echoes the details back to the user. | |
| Follow these steps to configure the slash command in Slack: | |
| 1. Navigate to https://<your-team-domain>.slack.com/services/new | |
| 2. Search for and select "Slash Commands". | |
| 3. Enter a name for your command and click "Add Slash Command Integration". | |
| 4. Copy the token string from the integration settings and use it in the next section. | |
| 5. After you complete this blueprint, enter the provided API endpoint URL in the URL field. | |
| Follow these steps to encrypt your Slack token for use in this function: | |
| 1. Create a KMS key - http://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html. | |
| 2. Encrypt the token using the AWS CLI. | |
| $ aws kms encrypt --key-id alias/<KMS key name> --plaintext "<COMMAND_TOKEN>" | |
| 3. Copy the base-64 encoded, encrypted key (CiphertextBlob) to the kmsEncyptedToken variable. | |
| 4. Give your function's role permission for the kms:Decrypt action. | |
| Example: | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "kms:Decrypt" | |
| ], | |
| "Resource": [ | |
| "<your KMS key ARN>" | |
| ] | |
| } | |
| ] | |
| } | |
| Follow these steps to complete the configuration of your command API endpoint | |
| 1. When completing the blueprint configuration select "POST" for method and | |
| "Open" for security on the Endpoint Configuration page. | |
| 2. After completing the function creation, open the newly created API in the | |
| API Gateway console. | |
| 3. Add a mapping template for the x-www-form-urlencoded content type with the | |
| following body: { "body": $input.json("$") } | |
| 4. Deploy the API to the prod stage. | |
| 5. Update the URL for your Slack slash command with the invocation URL for the | |
| created API resource in the prod stage. | |
| */ | |
| var AWS = require('aws-sdk'); | |
| var qs = require('querystring'); | |
| var token, kmsEncyptedToken; | |
| kmsEncyptedToken = "<kmsEncryptedToken>"; | |
| exports.handler = function (event, context) { | |
| if (token) { | |
| // Container reuse, simply process the event with the key in memory | |
| processEvent(event, context); | |
| } else if (kmsEncyptedToken && kmsEncyptedToken !== "<kmsEncryptedToken>") { | |
| var encryptedBuf = new Buffer(kmsEncyptedToken, 'base64'); | |
| var cipherText = {CiphertextBlob: encryptedBuf}; | |
| var kms = new AWS.KMS(); | |
| kms.decrypt(cipherText, function (err, data) { | |
| if (err) { | |
| console.log("Decrypt error: " + err); | |
| context.fail(err); | |
| } else { | |
| token = data.Plaintext.toString('ascii'); | |
| processEvent(event, context); | |
| } | |
| }); | |
| } else { | |
| context.fail("Token has not been set."); | |
| } | |
| }; | |
| var processEvent = function(event, context) { | |
| var body = event.body; | |
| var params = qs.parse(body); | |
| var requestToken = params.token; | |
| if (requestToken !== token) { | |
| console.error("Request token (" + requestToken + ") does not match exptected"); | |
| context.fail("Invalid request token"); | |
| } | |
| var user = params.user_name; | |
| var command = params.command; | |
| var channel = params.channel_name; | |
| var commandText = params.text; | |
| context.succeed(user + " invoked " + command + " in " + channel + " with the following text: " + commandText); | |
| }; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment