AWS Lambda function that listens to AWS Backup events via Amazon EventBridge and publishes clean, threaded messages to Slack.
- native eventbridge trigger – Backup events invoke the function directly
- rich slack threads – each finding opens a thread with severity, region, account and a “view in console” button
- config-driven – all behavior controlled by environment variables
- AWS account with AWS Backup enabled in at least one region
- Slack App with a Bot Token (
chat:writescope) installed in your workspace - Go ≥ 1.24
- AWS CLI configured for the deployment account
git clone https://github.com/cruxstack/aws-backup-integration-slack-go.git
cd aws-backup-integration-slack-go
# build static Linux binary for lambda
GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -C cmd/lambda -o ../../bootstrap
# package
zip deployment.zip bootstrap| name | example | purpose |
|---|---|---|
APP_SLACK_TOKEN |
xoxb-… |
slack bot token (store in secrets manager) |
APP_SLACK_CHANNEL |
C000XXXXXXX |
channel id to post findings |
APP_DEBUG_ENABLED |
true |
verbose logging & event dump |
- IAM role
AWSLambdaBasicExecutionRolemanaged policy- no additional AWS API permissions are required
- Lambda config
- Runtime:
al2023provided.al2023(provided.al2 also works) - Handler:
bootstrap - Architecture:
x86_64orarm64 - Upload
deployment.zip - Set environment variables above
- Runtime:
- EventBridge rule
Target: the Lambda function.
{ "source": ["aws.backup"], "detail-type": [ "Backup Job State Change", "Backup Plan State Change", "Backup Vault State Change", "Copy Job State Change", "Region Setting State Change", "Restore Job State Change" ] } - Slack App
- Add
chat:writeandchat:write.public - Custom bot avatar: upload AWS Backup logo in the Slack App App Icon section.
- Add
cp .env.example .env # edit the values
go run -C cmd/sample .The sample runner replays fixtures/samples.json and posts to Slack exactly as
the live Lambda would.