Introduction

AWS Support App in Slack, enables you to directly manage your support cases in Slack and initiate a live chat with AWS Support engineers in Slack channels. This can help to integrate AWS Support into your team workflows to improve collaboration. We can also easily search previous cases in Slack to find recommendations and provided solutions and instantly share with our team.

Once we configure AWS Support App in Slack in our Management Account, we can authorize Member Accounts in our AWS Organizations within the same app. This will help us to create Support Cases from AWS Organization Member Accounts.

In this article, we will understand how to authorize AWS Organization Member Accounts using AWS CLI Commands. These instructions are useful if we are authorizing few AWS Organization Member Accounts. Please consider using AWS CloudFormation templates to authorize member accounts across your AWS Organizations at scale.

Prerequisites

The scope of this article is to help you authorize AWS Organization Member Accounts for AWS Support App in Slack. We assume that you have already created initial configuration of AWS Support App for Slack in Management Account for your AWS Organizations. To know more about initial configuration steps please refer this AWS Blog AWS Support App in Slack to Manage Support Cases

Authorize a Slack workspace: We must authorize Slack workspace for each AWS Account that we want to use. Please use steps provided in following AWS Documentation to authorize the Slack workspace for both Management Account and Member Accounts across your AWS Organizations.

Solution Walkthrough

Please perform below steps in AWS Organization Member Account that you want to authorize for AWS Support App in Slack:

1. Run AWS CLI Command/ API Call, register-slack-workspace-for-organization. This command will require the Team ID in Slack. This ID uniquely identifies a Slack workspace, for example 'T012ABCDEFG'.

Here is an example of AWS CLI Command with all the required parameters:

aws support-app register-slack-workspace-for-organization --team-id "T012ABCDEFG"

2. Create IAM role for AWS Support App. This role performs actions from other AWS services for you, such as the AWS Support API and Service Quotas. We can use AWS managed policy or create a custom policy as per our needs and attach it to created IAM role.

3. Run AWS CLI Command/ API Call, create-slack-channel-configuration. This command will require following parameters:

   • Channel ID - uniquely identifies a channel within a Slack workspace, for example 'C012ABCDEFG'.
   • Channel Role ARN - ARN of IAM role that you want to use to perform operations, we created this role in above step.
   • Notify On Case Severity - The case severity for a support case that you want to receive notifications. Valid Values: none | all | high
   • Team ID - uniquely identifies a Slack workspace, for example 'T012ABCDEFG'.

Here is an example of AWS CLI Command with all the required parameters:

aws support-app create-slack-channel-configuration \
--channel-id "C012ABCDEFG" \
--channel-role-arn "arn:aws:iam::123456789012:role/AWSSlackSupportAppRole" \
--notify-on-case-severity none \
--team-id "T012ABCDEFG"