We love bots and we sure do love building them. Today, we are excited to unveil our very first AI enabled Bot for the cloud, the awsBot. The bot plugs right into your current enterprise communication / IM software like Slack and manages your resources on the cloud. The bot is simple, secure and highly scalable. It currently works with EC2,S3 and AWS Cloudformation.
Why we built this
We run multiple production workloads on AWS and the Google cloud platforms. As such almost always we have the AWS console and the CLI tools running in the background. Though using a combination of the console and the CLI tools you can do a lot, we still have a number of custom programs that we manually run. The CTR team is spread across the globe so we also use slack a lot. In fact we love it. We were excited to explore the possibility, of bringing the power of AWS automation to Slack. The idea was to be able to do significant portion of our AWS related work right from within slack. No commands, CLI or console.
What it does
The bot takes instructions from a authorized slack channel and carries out common AWS tasks that you would typically do using the console or using AWS command line tools. Once the user is logged into Slack to their channel , they do not need to log in again. It uses the slack token combined with AWS IAM , roles to ensure security and access. Currently the bot can do a variety of common task with EC2 and S3 like for example you can start and stop instances. The bot can also quickly list the status of your instances in a particular region. Something we use quite often. Similarly for S3 it can list out buckets and the contents of a bucket.
The bot can also take backups at an instance level and list out all available snapshots for an instance. Using cloud formation, the can create resources for you on AWS. The bot also provides live feedback as the status of your resources change in AWS, like when new resources are being deployed or when instances are being turned off, all without leaving Slack.
Security was one of the other primary challenges we had when we initially started working on this. Even before we had written the first line of code for the bot, we knew we needed to implement some of kind encryption along with roles. We have used client and server side encryption in the past, so wanted to build the same level of encryption on this bot. Currently the bot uses a key management service from AWS to securely encrypt the communication tokens to prevent any unauthorised use. In addition, all communication between the bot and AWS is over TLS/SSL.
What’s next for awsBot