Skip to main content
The terraform-aws-notify-slack module creates an SNS topic (or subscribes to an existing one) and an AWS Lambda function that forwards notifications to a Slack channel using Slack’s incoming webhooks API. When an AWS service publishes a message to the SNS topic, the Lambda function (Python 3.13) parses the event payload, formats it into a Slack message, and sends it to the configured channel via your webhook URL.
Before you deploy this module, you need a Slack incoming webhook URL. Create one at my.slack.com/services/new/incoming-webhook and keep it secure — treat it like a password.

What the module creates

By default the module provisions:
  • An SNS topic with an optional KMS encryption key
  • An AWS Lambda function (Python 3.13) subscribed to the topic
  • The IAM role and policy the Lambda function needs to run and write CloudWatch logs
  • A CloudWatch log group for Lambda execution logs
You can point the module at an existing SNS topic instead of creating a new one by setting create_sns_topic = false.

Supported event types

The Lambda function recognises and formats the following AWS event types before sending them to Slack:

CloudWatch Alarms

Metric alarms and LogMetrics alarms from Amazon CloudWatch.

GuardDuty Findings

Threat-intelligence findings produced by Amazon GuardDuty.

GuardDuty Malware Scan

Object scan results from GuardDuty Malware Protection.

Security Hub

Findings aggregated by AWS Security Hub.

AWS Health

Service health events and scheduled maintenance notices.

AWS Backup

Backup job status and vault notifications.

Generic messages

Any plain-text or JSON message published directly to the SNS topic.

Basic usage

Add the module block to your Terraform configuration and supply the four required variables: 
module "notify_slack" {
  source  = "terraform-aws-modules/notify-slack/aws"
  version = "~> 7.0"

  sns_topic_name = "slack-topic"

  slack_webhook_url = "https://hooks.slack.com/services/AAA/BBB/CCC"
  slack_channel     = "aws-notification"
  slack_username    = "reporter"
}

Key configuration options

VariableRequiredDescription
sns_topic_nameYesName for the SNS topic to create (or subscribe to).
slack_webhook_urlYesSlack incoming webhook URL.
slack_channelYesSlack channel name that receives notifications.
slack_usernameYesDisplay name for the bot posting messages.
create_sns_topicNoSet to false to use an existing topic instead of creating one.
kms_key_arnNoKMS key ARN used to decrypt an encrypted webhook URL stored as a ciphertext.
sns_topic_kms_key_idNoKMS key ARN for server-side encryption of the SNS topic.
lambda_function_vpc_subnet_idsNoDeploy the Lambda function inside a VPC by providing subnet IDs.
lambda_function_vpc_security_group_idsNoSecurity groups to attach when the function runs inside a VPC.
Ready to deploy? Follow the Quickstart to go from zero to notifications in minutes.

Build docs developers (and LLMs) love

Get started for freeTalk to us