blog_img
awsBot : An AI Enabled Bot For The Cloud

We love bots and we sure do love building them. Today, we are excited to unveil our very first AI enabled Bot for the cloud, the awsBot. The bot plugs right into your current enterprise communication / IM software like Slack and manages your resources on the cloud. The bot is simple, secure and highly scalable. It currently works with EC2,S3 and AWS Cloudformation.

Why we built this
We run multiple production workloads on AWS and the Google cloud platforms. As such almost always we have the AWS console and the CLI tools running in the background. Though using a combination of the console and the CLI tools you can do a lot, we still have a number of custom programs that we manually run. The CTR team is spread across the globe so we also use slack a lot. In fact we love it. We were excited to explore the possibility, of bringing the power of AWS automation to Slack. The idea was to be able to do significant portion of our AWS related work right from within slack. No commands, CLI or console.

What it does

The bot takes instructions from a authorized slack channel and carries out common AWS tasks that you would typically do using the console or using AWS command line tools. Once the user is logged into Slack to their channel , they do not need to log in again. It uses the slack token combined with AWS IAM , roles to ensure security and access. Currently the bot can do a variety of common task with EC2 and S3 like for example you can start and stop instances. The bot can also quickly list the status of your instances in a particular region. Something we use quite often. Similarly for S3 it can list out buckets and the contents of a bucket.

The bot can also take backups at an instance level and list out all available snapshots for an instance. Using cloud formation, the can create resources for you on AWS. The bot also provides live feedback as the status of your resources change in AWS, like when new resources are being deployed or when instances are being turned off, all without leaving Slack.

Core Architecture

  • The bot is built grounds up on a serverless architecture, hence it is scalable out of the the box.
  • Exposed only via REST API’s making integrations seamless and quick.
  • Built in security via AES 256 bit encryption and TSL/SSL (see below for additional details). No credentials are ever saved.

Security

Security was one of the other primary challenges we had when we initially started working on this. Even before we had written the first line of code for the bot, we knew we needed to implement some of kind encryption along with roles. We have used client and server side encryption in the past, so wanted to build the same level of encryption on this bot. Currently the bot uses a key management service from AWS to securely encrypt the communication tokens to prevent any unauthorised use. In addition, all communication between the bot and AWS is over TLS/SSL.

What’s next for awsBot

  • Expanding to cover other AWS services like RedShift and RDS
  • Building additional intelligence via natural language processing
  • Adding additional capabilites to the bot beyond AWS and Slack

LEARN MORE

Connect with a consultant to discuss how we can customize a similar solution for your company's specific challenges. Please contact Dick Kenney at 714- 912-9719 or fill out the contact form below.







«« Reduce your AWS Costs by up to 30%Architecting for Cloud Security: Bastion Hosts »»