AWS Infrastructure — Connect EventBridge, SNS, SQS to Microsoft Teams

John Gakhokidze
3 min readOct 23, 2020

--

AWS Services provide options to forward messages to many different targets.

AWS CodePipeline components support out of the box notifications to SNS and to AWS Chatbot(Slack).

SQS, SNS, EventBridge also have configurable targets, but obviously missing Microsoft Teams.

I am sure, you are already thinking something of Lambda, and that is correct. We are going to use Lambda and webhooks to connect SQS, SNS and EventBridge to Microsoft Teams.

Step1. Configure Microsoft Teams webhook:

Note:

  • You need to have permissions to manage team channel, where you are going to add connectors
  • Microsoft Teams must be enabled for your organization.
  • General information for adding connectors to Microsoft Teams
  1. In Microsoft Teams, select a team and a channel (the channel you want notifications sent to). To add a connector to a channel, click the ellipses (…), on the right of a channel name, then click Connectors.

2. In the list search for Incoming Webhook

3. Click Configure. Give it name, optionally you can upload image

4. Click Create

5. Copy Webhook url and click Done

Step 2. Lambda function

Lambda is using Python 3.6 Runtime, and was inspired by AWS blog post, there you can configure SNS notifications only. I added EventBridge events and SQS messages.

*EventBridge events:

Please note: indents are not adjusted, you can find code at VirtIOGroove GitHub repository

#!/usr/bin/python3.6
import urllib3
import json
http = urllib3.PoolManager()
def lambda_handler(event, context):
url = “
https://WEBHOOK_URL"
if (event[‘source’] == ‘aws.signin’):
eventtotext=json.dumps(event)
msg = {
“text”: eventtotext
}

encoded_msg = json.dumps(msg).encode(‘utf-8’)
resp = http.request(‘POST’,url, body=encoded_msg)

*SQS/SNS messages:

Please note: indents are not adjusted, you can find code at VirtIOGroove GitHub repository

#!/usr/bin/python3.6
import urllib3
import json
http = urllib3.PoolManager()
def lambda_handler(event, context):
url = “
http://WEB-hook" #Your webhook https is here
if (event[‘Records’][0][‘eventSource’] == ‘aws:sqs’):
msg = {“Text”: event[‘Records’][0][‘body’]}
else:

#replace conditions here explicitly checking for eventSource aws
#if you need more logic
#’EventSource’: ‘aws:sns’ like
# elesif (event[‘Records’][0][‘eventSource’] == ‘aws:sns’):

msg = {
“text”: event[‘Records’][0][‘Sns’][‘Message’]
}
encoded_msg = json.dumps(msg).encode(‘utf-8’)
resp = http.request(‘POST’,url, body=encoded_msg)

Step 3. Lambda permissions

  • When you create target in EventBridge(CloudWatch) it will promote permissions to invoke Lambda
  • For SQS queue , please make sure Lambda role has permissions:

sqs:ReceiveMessage
sqs:DeleteMessage
sqs:GetQueueAttributes

  • For SNS topic, please make sure Lambda role has permissions:

sns:Subscribe
sns:ListSubscriptionsByTopic
sns:Receive

Final words:

For Signin and Billing events deploy Lambda in us-east-1

--

--