[sneak]

ChatOps is bidirectional. This appears, at first glance, to simply be an alerting channel that can deliver to Slack.

Useful, but only a small piece of a ChatOps picture.

[jdenning]

Came here to say the same thing -- the real value in ChatOps comes when Ops folks are issuing commands in the chat room; this enables other employees to watch and learn how specific issues are investigated and resolved.

ChatOps is about providing visibility into operations.

[somepig]

> the real value in ChatOps comes when Ops folks are issuing commands in the chat room

yeah, being able to let Slack act as your identity management for manipulating prod is a killer app. much like sticking a pistol in your mouth

[jdenning]

We weren't actually using Slack. There are self-hosted alternatives.

You can also add a TOTP code to the command to get 2FA if you're really worried about limiting the attack vector - I actually gave a conference talk about that years ago.

[mooreds]

Do you mean being able to act on, say, a cloudwatch alert? What does that look like?

[jdenning]

It depends on the alert :D

More seriously though:

I had a ChatOps setup a few years back where authorized users could send commands to the config management/remote execution system we used to manage all our servers (in this instance, SaltStack).

Junior staff and people who were more on the "Dev" side DevOps were able to watch the full incident process from Alert -> Investigation -> Remediation both in real-time, and by reviewing the logs.

In the same way, people were able to learn commands to create and destroy infrastructure, which was useful for their workflow and improved efficiency all around.

It takes a fair bit of work to get setup properly, but it's pretty great once you do.