slack-mcp
Provides tools for posting messages and files to Slack channels through the Slack Web API.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@slack-mcpPost 'Deployment completed successfully' to #deployments"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
slack-mcp
An AWS-native MCP server that posts to Slack (post_to_slack,
post_file_to_slack), reachable via an Amazon Bedrock AgentCore Gateway.
Today's one caller: daily-tech-brief-bedrock's
Bedrock Converse API tool-use loop, replacing its vendored, stdio-spawned
copy of a Node.js slack-poster MCP server. This is deliberately scoped to
AI callers that decide mid-reasoning to invoke a tool — a packaged
automation with no LLM in its trigger path (e.g. a website's deploy/signup
notifications) has no use for MCP here and should keep calling a plain
Slack incoming webhook instead. See the tool logic's origin and the scope
decision in the project's own history for the full reasoning.
Architecture
AWS-internal AI caller (Bedrock Converse tool-use loop, SigV4-signed via
IAM — e.g. mcp-proxy-for-aws's aws_iam_streamablehttp_client)
|
v
AgentCore Gateway (authorizer_type = AWS_IAM, protocol_type = MCP)
|
v
API Gateway HTTP API (route auth = AWS_IAM, AWS_PROXY integration)
|
v
Lambda (container image, Python 3.13) -- FastMCP streamable-HTTP server
wrapped for Lambda via Mangum
|
v
Slack Web API (chat.postMessage, using a Bot Token from Secrets Manager)No VPC Link, ALB, or ECS hop, unlike the sibling CoreSample repo's
ec2-audit-mcp (which runs on Fargate) — API Gateway integrates with a
Lambda directly, and this tool's actual workload (one outbound HTTPS POST
to Slack) doesn't need a always-on container.
Related MCP server: Slack Notify MCP
Repository layout
server/
handler.py Lambda entrypoint: FastMCP app (post_to_slack,
post_file_to_slack tools) wrapped for Lambda via Mangum
slack_tools.py Pure Slack-posting logic, ported from
daily-tech-brief-bedrock's vendored slack_mcp_server/index.js
Dockerfile
requirements.txt
terraform/
lambda.tf ECR repo, Lambda (container image), IAM execution role
secrets.tf Looks up the existing daily-tech-brief-bedrock Slack
bot token secret (reused, not duplicated)
api_gateway.tf HTTP API, AWS_PROXY integration, AWS_IAM route auth
agentcore_gateway.tf AgentCore Gateway + target
deploy_policy.tf Dedicated deploy IAM user + managed policy, shared
by CI's OIDC role (see "Deploy identity" below)
versions.tf / variables.tf / outputs.tf
tests/ pytest unit tests (mocked Slack API calls, no network)
.github/workflows/test.yml CI gate: ruff/mypy/pytest + terraform fmt/validate
.github/workflows/deploy.yml Auto-triggered on push to mainCurrent status
Live and deployed. Full CI/CD path proven end-to-end: feature branch →
PR → passing test CI → merge to main → auto-triggered deploy.yml via
GitHub OIDC → terraform apply → image build/push → Lambda update.
Lambda:
slack-mcp(container image, Python 3.13)API Gateway HTTP API:
https://8gr00zm4d9.execute-api.us-west-2.amazonaws.com/AgentCore Gateway:
arn:aws:bedrock-agentcore:us-west-2:293528978619:gateway/slack-mcp-cp2plvgahi, target statusREADY
See CLAUDE.md for the required PR workflow and the deploy-identity/RBAC
setup, and the project's vault note for the architecture decisions this was
built against (validated directly against CoreSample's
deployed-and-verified AgentCore Gateway pattern, not guessed from docs).
Local verification
pip install -r server/requirements.txt -r requirements-dev.txt
ruff check server tests
mypy server
pytest
cd terraform && terraform fmt -check -recursive . && terraform init -backend=false && terraform validateOne-time setup (already done for this stack; kept for reference/re-bootstrap)
Bootstrap the Terraform state bucket (
slack-mcp-tfstate-<account-id>), same out-of-band process asCoreSample/daily-tech-brief-bedrock.No token setup needed — this stack reads the existing
daily-tech-brief-bedrock/slack-bot-tokenSecrets Manager secret rather than provisioning its own.Bootstrap the deploy identities by hand (deliberately outside Terraform for the OIDC role — see
CLAUDE.md"Deploy identity / RBAC"):Create the
slack-mcp-deployIAM user.Create the
slack-mcp-github-deployIAM role with a trust policy scoped to this repo via GitHub's OIDC provider (repository_idcondition + wildcardsubmatch, not a literal repo-name string — seeCLAUDE.mdfor why).Set the
AWS_DEPLOY_ROLE_ARNGitHub Actions repo secret to that role's ARN.
terraform init && terraform apply(as theslack-mcp-deployuser) to create the ECR repo and everything else, includingaws_iam_policy.deployand its attachment to both identities from step 3, then build and push the Lambda image (docker build -f server/Dockerfile -t <ecr-repo>:latest . && docker push ...), thenterraform applyagain so the Lambda'simage_uriresolves. From then on, every merge tomainre-runs this automatically via.github/workflows/deploy.yml.Grant the calling project's execution role
bedrock-agentcore:InvokeGatewayon this stack'sagentcore_gateway_arnoutput.
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/jamessmoore/slack-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server