
While making a chatbot that would post my daily spend to a Slack channel every day, I noticed a very strange limitation of AWS Chatbot: messages published to SNS need to be formatted in a specific way or the chatbot will not process them.

A very strange limitation in my eyes, but one that is documented. The documentation even says that AWS Chatbot will only process messages from services that it supports:

"Make sure that you send Amazon SNS notifications to your AWS Chatbot only through one of the services that are supported by AWS Chatbot."

So I tested this out, and indeed: with a general message it wasn’t possible. AWS Chatbot would not send anything to my Slack channel. Bugger!

But… what if I spoofed a message from another AWS service and made it look like a valid one?

I looked at the supported services of AWS Chatbot and noticed Amazon EventBridge. That was quite a generic way to do it!

So I looked into the details of such a message and arrived at the event ECR emits when a new image is pushed.

{
    "version": "0",
    "id": "13cde686-328b-6117-af20-0e5566167482",
    "detail-type": "ECR Image Action",
    "source": "aws.ecr",
    "account": "123456789012",
    "time": "2019-11-16T01:54:34Z",
    "region": "us-west-2",
    "resources": [],
    "detail": {
        "result": "SUCCESS",
        "repository-name": "my-repository-name",
        "image-digest": "sha256:7f5b2640fe6fb4f46592dfd3410c4a79dac4f89e4782432e0378abcd1234",
        "action-type": "PUSH",
        "image-tag": "latest"
    }
}

Now, I manually published this message to the SNS topic I configured with my AWS Chatbot and…

[Screenshot: AWS Chatbot custom message]

That just worked!

So… can I change the format a bit more to my liking?

{
    "version": "0",
    "id": "13cde686-328b-6117-af20-0e5566167482",
    "detail-type": "Stroobants.dev - New blogpost! 😍",
    "source": "aws.ecr",
    "account": "123456789012",
    "time": "2019-11-16T01:54:34Z",
    "region": "stroobants.dev!-_/|?!.,",
    "resources": [],
    "detail": {
    }
}

And the Slack message that it generated:

[Screenshot: Custom message]

The limitations I detected from some quick try-outs.

So, if you have a custom script that you want to use to send messages to your Slack channel through AWS Chatbot: spoof those messages!
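
As an added example (not code from the original post), here is the second message above built by a script for the daily-spend use case and published with boto3. The function names, the headline text and the topic ARN are assumptions; the key set simply mirrors the message the post shows working.

```python
import json
import uuid
from datetime import datetime, timezone

SNS_MAX_BYTES = 256 * 1024  # SNS rejects messages larger than 256 KB


def build_event(headline, account_id, region_text, now=None):
    """Return an EventBridge-shaped JSON string with the same keys as the
    post's second message; the headline goes in "detail-type"."""
    if not (account_id.isdigit() and len(account_id) == 12):
        raise ValueError("account_id must be a 12-digit string")
    if not headline.strip():
        raise ValueError("headline must not be empty")
    now = now or datetime.now(timezone.utc)
    event = {
        "version": "0",
        "id": str(uuid.uuid4()),  # fresh id per message
        "detail-type": headline,
        "source": "aws.ecr",  # kept from the post's working message
        "account": account_id,
        "time": now.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ"),
        "region": region_text,  # the post shows free text is accepted here
        "resources": [],
        "detail": {},
    }
    body = json.dumps(event, ensure_ascii=False)
    if len(body.encode("utf-8")) > SNS_MAX_BYTES:
        raise ValueError("message exceeds the SNS size limit")
    return body


def publish(topic_arn, body):
    """Publish to the SNS topic that AWS Chatbot is subscribed to."""
    import boto3  # imported here so build_event works without the AWS SDK
    return boto3.client("sns").publish(TopicArn=topic_arn, Message=body)


if __name__ == "__main__":
    # Constructed sample values; the topic ARN below is a placeholder.
    msg = build_event("Daily spend: 4.20 USD", "123456789012", "billing")
    print(msg)
    # publish("arn:aws:sns:us-west-2:123456789012:PLACEHOLDER-topic", msg)
```

Since AWS Chatbot rendered a hand-published message here, whoever is allowed to `sns:Publish` to that topic can post into the channel under an AWS-looking source, so keep the topic policy limited to the principals that should.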
