AWS CloudTrail Listener for Slack

Define & manage GorillaStack real-time workflows to monitor AWS CloudTrail via Slack.

Command and control GorillaStack automation from Slack. With ChatOps, you can be alerted, receive detailed information for each notification on demand without logging in to your cloud environment.

Using Slack to Track CloudTrail and CloudWatch

Key Benefits To Track CloudTrail in Slack

GorillaStack on Slack Integration

Track Any CloudTrail Events in Slack

Receive alerts into your Slack environment as soon as events hit your CloudTrail log. Apply your own filters so that only important events show up in your feed.

Monitoring CloudTrail in Slack

Takes Seconds To Install

Use the AWS console or run a simple command in your AWS CLI to kick off your AWS Slack integration right away. Your whole team has access to the bot with just a couple of clicks.

Slack notification for cloud alerts

Reach The Right Team Member

When you track a CloudTrail event using our AWS Slack integration, you can specify which channel or team member receives the alert – reduce noise and target the issue owner.

Cloud alerts details

Get The Right Information

Whenever you get a high level notification, you can expand the raw event text snippet to explore more detailed information.

Not sure which events to track? We recommend monitoring these CloudTrail events for security.

Affordable Pricing

Try 14 days trial for free. Script-free. No credit card required.


Frequently Asked Questions (FAQs)

About Real-Time Events

1What events do you track?

You can use GorillaStack to filter and alert on any CloudTrail event.

For more information on the kinds of events you may wish to consider, you can read about high priority CloudTrail security events.

2How quickly are events registered?

Receive notifications in real time as CloudTrail events take place. Typically a system event will write to CloudTrail in less than 10 seconds.


1Are you available on AWS Marketplace?

Yes, you can pay for us via the AWS marketplace, GorillaStack will appear as an item on your bill every month.

2Do you offer discounts?

We do! If you want to pay a year up front, we'll give you 2 months for free, you can get in contact at any time. Also, call us if you're a not-for-profit, we'll assess these on a case-by-case basis.

Getting Started

1How do I link my cloud accounts to GorillaStack?

AWS Accounts are linked to GorillaStack by deploying a CloudFormation template. When deployed this CloudFormation template:

  1. Creates an IAM role for cross-account access. GorillaStack assumes this role when collecting data and executing actions and the role's IAM permissions control GorillaStack's level of privilege
  2. Creates a Lambda Function which has the sole responsibility of posting back to GorillaStack on successful or unsuccessful stack creation.

Azure subscriptions are linked by running a script in the Azure cloud shell.

2What if I don't link all my organization’s accounts to GorillaStack?

The GorillaStack bill is only calculated based on the infrastructure that is linked to GorillaStack. If you don’t connect any AWS accounts we won’t charge you for coverage.

3What permissions do I need to give to GorillaStack?

An AWS Account is linked to GorillaStack by deploying a CloudFormation template.

This CloudFormation template creates a role for cross-account access, containing IAM permissions which control what GorillaStack can do within a linked account.

Within GorillaStack you can enable and disable Rule Triggers and Actions to only allow what you want to use. When you make changes to enabled Rule Triggers and Actions we generate a unique CloudFormation template, containing only the IAM permissions you need.

To leverage all Triggers and Actions in GorillaStack Cost Optimization, a linked account needs to allow the following IAM permissions:

autoscaling:DescribeAutoScalingGroups autoscaling:UpdateAutoScalingGroup dynamodb:DescribeTable dynamodb:ListTables dynamodb:ListTagsOfResource dynamodb:UpdateTable ec2:DeleteSnapshot ec2:DeleteVolume ec2:DescribeAddresses ec2:DescribeInstances ec2:DescribeSnapshots ec2:DescribeTags ec2:DescribeVolumes ec2:RebootInstances ec2:ReleaseAddress ec2:StartInstances ec2:StopInstances ecs:DescribeServices ecs:ListClusters ecs:ListServices ecs:UpdateService rds:DescribeDBInstances rds:DescribeDBSnapshots rds:ListTagsForResource rds:StartDBInstance rds:StopDBInstance sns:ConfirmSubscription sns:ListTopics sns:Subscribe sns:Unsubscribe

4Can I customize GorillaStack's permissions in my linked cloud accounts?


We provide the option of customizing the template using the GorillaStack interface to restrict the available permissions to just the Rules Engine Actions and Triggers that you need (no CloudFormation knowledge needed!). This can be done on first-time Account Setup, or by updating the setup for already linked accounts.

More questions? We can help.

Speak to us to find the right solution for your DevOps team. 

AWS Advanced Technology Partner

ARN Startup of the year 2017, 2018, 2019

Available via AWS Marketplace