Tutorial: Get started with Microsoft Teams - AWS Chatbot
PrerequisitesStep 1: Configure a Microsoft Teams clientStep 2: Configure a Microsoft Teams channelStep 3: Test notifications from AWS services to Microsoft TeamsConfiguring Microsoft Teams channels using AWS CloudFormationNext steps

Tutorial: Get started with Microsoft Teams

To get started using AWS Chatbot to help manage your AWS infrastructure, follow the steps below to set up AWS Chatbot with chat rooms and Amazon SNS topic subscriptions. Note that AWS Chatbot is approved by your Microsoft Teams administrator.

Prerequisites

Before you get started, make sure you've completed the tasks in Setting up AWS Chatbot. You should also ensure Microsoft Teams is installed and approved by your organization administrator. You will need to choose a permissions scheme in the following procedure. This scheme determines the permissions your channel members will have and what AWS Chatbot can do on your behalf. For more information about AWS Chatbot permissions, see Understanding permissions You must also create or choose a channel to be used in your AWS Chatbot configuration. This channel is used to monitor and operate your AWS resources.

Note

The following IAM permissions are required to create a Microsoft Teams configuration:

  • GetMicrosoftTeamsOauthParameters

  • RedeemMicrosoftTeamsOauthCode

  • CreateMicrosoftTeamsChannelConfiguration

If you have less than administrative permissions, ensure you have the aforementioned permissions to create a configuration.

Step 1: Configure a Microsoft Teams client

To allow AWS Chatbot to send notifications or run commands in your Microsoft Teams channel, you must configure AWS Chatbot with Microsoft Teams.

To configure a Microsoft Teams client

  1. Add AWS Chatbot to your team:

    1. In Microsoft Teams, find your team name and choose ..., then choose Manage team.

    2. Choose Apps, then choose More apps.

    3. Enter aws in the search bar to find AWS Chatbot.

    4. Select the bot.

    5. Choose Add to a team and complete the prompt.

  2. Open the AWS Chatbot console at https://console.aws.amazon.com/chatbot/.

  3. Under Configure a chat client, choose Microsoft Teams, then choose Configure client.

  4. Copy and paste your Microsoft Teams channel URL.

    Tip

    Your channel URL contains your tenant, team, and channel IDs. You can find your channel URL by right clicking on the channel in your Microsoft Teams channel list and copying the link. Your channel ID is the portion of your channel URL after the path /channel/, starting with 19%3 and likely ending with either thread.tacv2 or thread.skype.

    For example, the bolded portion of the following channel URL is its channel ID: https://teams.microsoft.com/l/channel/19%3Ae5eace25j32023jga835103358eapge3t8235%40thread.tacv2/ChannelName?groupId=0d36500a-6023-419c-8c36-7e21f19b0135&tenantId=5fe61832-9f46-403b-a7db-cf9cf2e38199.

  5. Choose Configure.

    Note

    After choosing Configure, you'll be redirected to Microsoft Team's authorization page to request permission for AWS Chatbot to access your information. For more information, see Chat client application permissions for AWS Chatbot.

  6. On the Microsoft Teams authorization page, choose Accept.

Step 2: Configure a Microsoft Teams channel

To allow AWS Chatbot to send notifications or run commands in your Microsoft Teams channel, you must also configure AWS Chatbot with a Microsoft Teams channel. Channel configuration consists of:

  • Associating a channel with the configuration

  • Defining user permissions, which dictate what tasks users can perform in a channel

  • (Optional) Adding Amazon SNS topics, which AWS Chatbot uses to send notifications to your channel

Note

Microsoft Teams doesn't currently support AWS Chatbot in private channels. For more information, see Private channel limitations.

To configure a Microsoft Teams channel

  1. Associate a channel with your configuration:

    1. On the Team details page in the AWS Chatbot console, choose Configure new channel.

    2. Under Configuration details, enter a name for your configuration. The name must be unique across your account and can't be edited later.

    3. If you want to enable logging for this configuration, choose Publish logs to Amazon CloudWatch Logs. For more information, see Amazon CloudWatch Logs for AWS Chatbot.

      Note

      There is an extra charge for using CloudWatch Logs.

    4. For Team channel, paste your Microsoft Teams channel URL.

  2. Define user permissions:

    1. Choose your Role Setting.

      Tip

      Your role setting dictates what permissions your channel members have. A channel role gives all members the same permissions. This is useful if your channel members typically perform the same actions in Microsoft Teams. A user role requires your channel members to choose their own roles. As such, different users in your channels can have different permissions. This is useful if your channel members are diverse or you don’t want new channel members to perform actions as soon as they join the channel. For more information, see Role setting.

      Channel role

      1. For Role setting, choose Channel role.

      2. For Channel role, choose Create new role. If you want to use an existing role instead, choose Use an existing role. To use an existing IAM role, you will need to modify it for use with AWS Chatbot. If you want your users to be able to use Amazon Q, attach the AmazonQDeveloperAccess policy. For more information, see Configuring an IAM Role for AWS Chatbot.

      3. For Role name, enter a name. Valid characters: a-z, A-Z, 0-9, .\w+=,.@-_.

      4. For Policy template, select Amazon Q permissions and any other templates you wish to use.

      User roles

      1. For Role setting, choose User roles.

    2. Select the policies that will make up your channel guardrails. Your channel guardrails control what actions are available to your channel members. Add AmazonQDeveloperAccess as a channel guardrail to allow your users to use Amazon Q in your Microsoft Teams channel.

  3. (Optional) Add Amazon SNS topics:

    Note

    If you want to receive notifications in your Slack channel, complete these steps.

    1. Choose your notification settings:

      1. For SNS Region, choose the AWS Region that hosts the SNS topics for this AWS Chatbot subscription.

      2. For SNS topic, choose the Amazon SNS topic for the client subscription. This topic determines the content that's sent to the Microsoft Teams channel. If the region has additional SNS topics, you can choose them from the same dropdown list. The SNS topics you choose must be configured in the services for which you want to receive notifications. For more information, see Monitoring AWS services using AWS Chatbot.

      3. To add an Amazon SNS topic from another AWS Region to the notification subscription, choose Add another Region.

        Note

        For a tutorial on subscribing existing Amazon SNS topics to AWS Chatbot, see Tutorial: Subscribing an Amazon SNS topic to AWS Chatbot.

        Notifications from supported services that publish to the chosen Amazon SNS topics will now appear in the Microsoft Teams channel.

  4. Choose Configure.

Note

You can configure a Microsoft Teams channel to run commands to your AWS account. For more information, see Running AWS CLI commands from chat channels.

You can configure as many channels with as many topics as you need.

If you want to allow AWS Chatbot to answer questions about your AWS resources, turn on AWS Resource Explorer in the Resource Explorer Console. For more information, see Getting started with Resource Explorer in the AWS Resource Explorer User Guide.

Step 3: Test notifications from AWS services to Microsoft Teams

To verify that an Amazon Simple Notification Service (Amazon SNS) topic sends notifications to your Microsoft Teams channel, you can test your setup by sending a notification. Ensure your AWS Chatbot configuration is subscribed to at least one Amazon SNS topic and that your topics are assigned to a service supported by AWS Chatbot. For a list of supported services, see Monitoring AWS services using AWS Chatbot. You can also test notifications by using CloudWatch. For more information, see Test notifications from AWS services to Microsoft Teams using CloudWatch.

Testing notifications with configured clients

  1. Open the AWS Chatbot console.

  2. Choose the configured client you want to test.

  3. In the configured client, choose the channel to send a test notification to.

  4. Choose Send test message.

  5. View the confirmation message at the top of the screen that shows a message was sent to your Amazon SNS topic.

  6. Confirm the test message in your Microsoft Teams channel.

Configuring Microsoft Teams channels using AWS CloudFormation

You can automate Microsoft Teams channel configuration by using an AWS CloudFormation template. To use an AWS CloudFormation template, you need the Team ID and Tenant ID found under Team details in the AWS Chatbot console. For more information, see AWS::Chatbot::MicrosoftTeamsChannelConfiguration in the AWS CloudFormation User Guide.

Next steps

After you configure your chat clients and test that your notifications are working, you might want to explore some of the following topics: