Why isn't my AWS Chatbot receiving messages from Amazon SNS?

7 minute read
0

I subscribed an AWS Chatbot to my Amazon Simple Notification Service (Amazon SNS) topic. However, notifications from my Amazon SNS topic aren't reaching the AWS Chatbot. How do I troubleshoot the issue?

Short description

If your Amazon SNS topic's notifications aren't reaching your AWS Chatbot, then one of the following is misconfigured:

  • (For Slack only) The communication channel between the AWS Chatbot and the Slack channel.
  • (For Slack and Amazon Chime) The communication channel between the Amazon SNS topic and the AWS Chatbot.

Resolution

Turn on CloudWatch Logs for your AWS Chatbot

Follow the instructions in Accessing Amazon CloudWatch Logs for AWS Chatbot.

(For Slack only) Verify that the communication channel between the AWS Chatbot and the Slack channel is configured correctly

Make sure that the Slack channel isn't archived or deleted

Archived or deleted Slack channels can't receive messages. All the apps in archived or deleted Slack channels are deactivated.

To unarchive a channel, see Archive or delete a channel in the Slack help center.

Note: You can't undelete a Slack channel. If the subscribed Slack channel is deleted, you must create a new Slack channel and configure the new channel to receive notifications from your topic.

Make sure that the AWS Chatbot app is installed on your Slack workspace

Review your AWS Chatbot CloudWatch Logs for the following error message: account_inactive. If you see an account_inactive error message, then your AWS Chatbot app isn't installed on your Slack workspace.

To install the AWS Chatbot app on your Slack workspace, follow the instructions in Set up chat clients for AWS Chatbot.

(For private Slack channels only) Make sure that the AWS Chatbot app is added to the Slack channel

Review your AWS Chatbot CloudWatch Logs for the following error message: channel_not_found. If you see a channel_not_found error message, then your AWS Chatbot app hasn't been added to the private channel.

To add the AWS Chatbot to a private Slack channel, run the /invite @AWS command in the private channel.

(For Slack and Amazon Chime) Verify that the communication channel between the Amazon SNS topic and the AWS Chatbot is configured correctly

Make sure that your AWS Chatbot is subscribed to your Amazon SNS topic

1.    Open the AWS Chatbot console.

2.    Under Configured clients, choose Slack or Amazon Chime based on your use case.

3.    Choose your Slack channel in the Slack workspace configuration, or your webhook in the Amazon Chime webhooks list.

4.    Choose Edit.

5.    In the Details pane, under Topics, verify that your Amazon SNS topic is listed. If the topic isn't listed, you must subscribe your Amazon SNS topic to your AWS Chatbot.

Make sure that the AWS Chatbot endpoint is listed as a topic subscription for your Amazon SNS topic

1.    Open the Amazon SNS console.

2.    In the left navigation pane, choose Topics. Then, choose the name of your Amazon SNS topic.

3.    Under Topic subscriptions, make sure that the following AWS Chatbot endpoint is listed: https://global.sns-api.chatbot.amazonaws.com. If the AWS Chatbot endpoint isn't listed as a topic subscription, then you must subscribe your Amazon SNS topic to your AWS Chatbot.

Note: To test the setup, use your AWS Chatbot configuration to send a test notification.

Make sure that you're not manually publishing messages to your Amazon SNS topic

AWS Chatbot doesn't support messages that are manually published to an Amazon SNS topic. Make sure that you send Amazon SNS notifications to your AWS Chatbot only through one of the services that are supported by AWS Chatbot.

Make sure that the AWS service that's publishing messages to your Amazon SNS topic is supported by AWS Chatbot

Review your AWS Chatbot CloudWatch Logs for the following error message: Event Received is not supported. If you see an Event Received is not supported error message, then the service publishing messages to your topic isn't supported by AWS Chatbot.

For a full list of services that are supported by AWS Chatbot, see Using AWS Chatbot with other AWS services.

Make sure that your Amazon SNS topic's access policy grants the required permissions for another AWS service to publish messages to the topic

1.    Open the Amazon SNS console.

2.    In the left navigation pane, choose Topics.

3.    Choose the topic that you subscribed your AWS Chatbot to. Then, choose Edit.

4.    Choose the Access policy tab. Then, review the Statement section of access policy. Make sure that the policy allows the correct AWS service to run the SNS:Publish API action.

5.    If your Amazon SNS access policy doesn't allow the correct service to publish events to your topic, update the policy by doing the following:
In the Details section of your topic page, choose Edit.
Expand the Access policy section, and then add the required permissions.

Note: For examples of Amazon SNS access policies, see Configure Amazon SNS topics for notifications in the Developer Tools console User Guide. Also, see Creating an Amazon SNS topic for budget notifications in the AWS Billing and Cost Management User Guide.

Make sure that raw message delivery isn't activated on your Amazon SNS topic

AWS Chatbot doesn't accept raw message delivery. To verify that raw message delivery is activated on your Amazon SNS topic, do the following:

1.    Open the Amazon SNS console.

2.    In the left navigation pane, choose Topics. Then, choose the name of your Amazon SNS topic.

3.    In the Details pane, for Raw message delivery, verify if the status is listed as enabled or disabled.

4.    If the status is listed as enabled, then turn off raw message delivery on your Amazon SNS topic by doing the following:
Choose Edit.
Choose Enable raw message delivery to deselect the raw message delivery option.
Choose Save changes.

(If you're using Amazon SNS topics with server-side encryption activated) Make sure that you include the required AWS Key Management Service (AWS KMS) key policy permissions

Your AWS KMS key policy must allow the service that's sending messages to publish to your encrypted SNS topics.

Make sure that your AWS KMS key policy includes the following section:
Important: Replace events.amazonaws.com with the AWS service principal for the service that's publishing to your encrypted SNS topics

{
  "Sid": "Allow CWE to use the key",
  "Effect": "Allow",
  "Principal": {
    "Service": "events.amazonaws.com"
    },
  "Action": [
    "kms:Decrypt",
    "kms:GenerateDataKey"
  ],
  "Resource": "*"
}

Note: To test the configuration using the AWS Management Console, your AWS Identity and Access Management (IAM) role requires permission to use the AWS KMS key.

Make sure that you're not publishing messages to your Amazon SNS topic at a rate higher than 10 notifications per second

AWS Chatbot allows for 10 events per second. If more than 10 events per second are received, then additional messages are throttled.

To verify whether your events are being throttled, review the EventsThrottled metric in your Amazon CloudWatch Logs for AWS Chatbot.

(If you're using Amazon EventBridge) Make sure that your EventBridge events don't use input transformers

AWS Chatbot doesn't recognize EventBridge input transformers. To verify if your Amazon EventBridge events aren't using input transformers, do the following:

1.    Open the EventBridge console.

2.    In the left navigation pane, choose Rules. Then, choose the name of your configured event rule.

3.    Select the check box next to the Amazon SNS topic that you've configured as a target for the rule. Then, choose View details.

4.    Verify if there's Input Transformer listed under Input section on the details page or not. If Input Transformer is listed, then remove the input transformers from your rule.

Note: For more information, see Transforming Amazon EventBridge target input.

(If you're using EventBridge) Make sure that you're not sending event notifications from AWS services that AWS Chatbot doesn't support through EventBridge

AWS Chatbot doesn't support event notifications sent through Amazon EventBridge from the following AWS services:

  • Amazon CloudWatch
  • AWS CodeBuild
  • AWS CodeCommit
  • AWS CodeDeploy
  • AWS CodePipeline

Related information

Troubleshooting AWS Chatbot

How do I use webhooks to publish Amazon SNS messages to Amazon Chime, Slack, or Microsoft Teams?

Test notifications from AWS services to Amazon Chime or Slack using CloudWatch

AWS OFFICIAL
AWS OFFICIALUpdated 2 years ago