This example deploys a Lambda function and relevant CloudTrail and CloudWatch resources to send a Slack notification for any resource operation that is performed via the AWS Console.
Note: This application sets up the necessary infrastructure across each AWS region in your
account that is opt-in-not-required or opted-in. The Pulumi application uses the
DescribeRegions API
via aws-sdk-go to query for available regions.
To deploy your infrastructure, follow the below steps.
After cloning this repo, run these commands from the working directory:
-
Build the handler:
-
For developers on Linux and macOS:
make
-
For developers on Windows:
-
Get the
build-lambda-ziptool:set GO111MODULE=on go.exe get -u github.com/aws/aws-lambda-go/cmd/build-lambda-zip -
Use the tool from your GOPATH:
set GOOS=linux set GOARCH=amd64 set CGO_ENABLED=0 go build -o handler\dist\handler handler\handler.go %USERPROFILE%\Go\bin\build-lambda-zip.exe -o handler\dist\handler.zip handler\dist\handler
-
-
-
Create a new Pulumi stack, which is an isolated deployment target for this example:
pulumi stack init
-
Set the required configuration variables for this program:
pulumi config set slackWebhookURL 'YOUR_SLACK_WEBHOOK_URL'
-
Execute the Pulumi program to create our lambda:
pulumi up
-
Perform a change in the AWS Console and look for a notification in your Slack channel. Note: you must perform a write such as adding or removing tags from a resource, launching an instance, or deleting a resource.
-
From there, feel free to experiment. Simply making edits, rebuilding your handler, and running
pulumi upwill update your lambda. Customize the Slack message username or text with the following configuration values:pulumi config set slackMessageUsername 'Console Change Monitor' pulumi config set slackMessageText ':warning: Somebody made a change in the console!'
-
Afterwards, destroy your stack and remove it:
pulumi destroy --yes pulumi stack rm --yes