Getting Started with Ohlala SmartOps

• 1: Prerequisites
• 2: Enable Amazon Bedrock
• 3: AWS Marketplace Subscription
• 4: Azure Bot Registration
• 5: Google Cloud Setup
• 6: Deploy CloudFormation Stack
• 7: Connect to Microsoft Teams
• 8: Connect to Google Chat
• 9: Verification & Testing

1 - Prerequisites

Choose Your Chat Platform

Ohlala SmartOps supports Microsoft Teams, Google Chat, or both. Choose based on your organization’s needs:

AWS Requirements

AWS Account

• Administrative access to create IAM roles, ECS clusters, and other resources
• AWS Marketplace subscription capability
• Billing enabled for AWS services usage

Required AWS Services

Ensure these services are available in your chosen region:

• Amazon ECS Fargate - Container orchestration
• Amazon Bedrock - AI model access
• API Gateway - Teams webhook endpoint
• CloudFormation - Infrastructure deployment
• Systems Manager (SSM) - Instance management

Existing Infrastructure

• At least 1 EC2 instance to manage
• SSM Agent installed on instances
  • Pre-installed on: Amazon Linux 2, Ubuntu 20.04+, Windows Server 2016+
  • Manual installation guide for other OS

Microsoft Teams Requirements

Skip this section if you plan to use Google Chat only.

Azure Account

• Azure subscription (Free tier works)
• Ability to create resources in Azure Portal
• Azure AD tenant for authentication

Teams Workspace

• Microsoft Teams installed and configured
• Admin permissions to install custom apps
• Teams channel where you want to add the bot

Google Workspace Requirements

Skip this section if you plan to use Microsoft Teams only.

Google Cloud Platform

• Google Cloud account with ability to create projects
• Billing enabled (for API usage tracking, minimal cost)
• Permissions to enable APIs and create service accounts

Google Workspace

• Google Workspace account (Business, Enterprise, or Education)
• Admin permissions to create and manage Chat apps, or
• Developer permissions to create internal Chat apps
• Google Chat enabled in your Workspace

Knowledge Requirements

Recommended Skills

• Basic understanding of AWS services
• Familiarity with CloudFormation
• Experience with your chosen chat platform administration (Teams or Google Chat)
• Understanding of bot concepts

Pre-Deployment Checklist

Use this checklist to verify readiness:

AWS (Required for all)

• AWS account with admin access
• AWS region selected that supports all required services
• At least one EC2 instance running
• SSM Agent installed on instances

Microsoft Teams (if using Teams)

• Azure account created
• Microsoft Teams workspace available
• Teams admin permissions confirmed

Google Chat (if using Google Chat)

• Google Cloud account with billing enabled
• Google Workspace account available
• Permissions to create Chat apps

Regional Availability

Recommended Regions

For optimal performance, we recommend:

• US East (N. Virginia) - us-east-1
• US West (Oregon) - us-west-2
• Europe (Ireland) - eu-west-1
• Europe (Frankfurt) - eu-central-1

All Supported Regions

The solution works in any region with ECS Fargate support. Bedrock access is automatically handled through cross-region inference profiles.

Next Step

Once you’ve verified all prerequisites:

Continue to Bedrock Setup →

2 - Enable Amazon Bedrock

Why Bedrock is Required

Ohlala SmartOps uses Amazon Bedrock with Claude Sonnet 4.5 to provide:

• Natural language understanding of your commands
• Intelligent analysis of infrastructure issues
• Smart recommendations for optimization
• Context-aware responses based on your environment

Step-by-Step Setup

1. Open Amazon Bedrock Console

Navigate to the Amazon Bedrock console in your deployment region:

Open Amazon Bedrock Console

2. Navigate to Model Access

In the left sidebar, click on “Model access”

3. Enable Claude Sonnet 4.5

1. Click “Modify model access”
2. Find and enable:
   • Claude Sonnet 4.5 (anthropic.claude-sonnet-4-5-*)
3. Click “Submit” to request access

4. Wait for Approval

• Standard models are usually approved immediately
• Wait for status to show “Access granted”
• Refresh the page if needed

Regional Considerations

How Regional Access Works

Ohlala SmartOps automatically handles regional model access:

1. Detects your deployment region
2. Uses the optimal inference profile for your location
3. No additional configuration needed
4. Same performance across all regions

Primary Regions (Native Support)

Best performance in these regions:

• US East (N. Virginia) - us-east-1
• US West (Oregon) - us-west-2
• Europe (Frankfurt) - eu-central-1
• Europe (Ireland) - eu-west-1
• Asia Pacific (Tokyo) - ap-northeast-1
• Asia Pacific (Sydney) - ap-southeast-2

All Other Regions

Supported via cross-region inference profiles:

• Europe (Paris) - eu-west-3
• Europe (London) - eu-west-2
• Asia Pacific (Singapore) - ap-southeast-1
• Asia Pacific (Mumbai) - ap-south-1
• Canada (Central) - ca-central-1
• South America (São Paulo) - sa-east-1
• And more…

Verify Access

Check Model Status

1. Return to the Model access page
2. Verify Claude Sonnet 4.5 shows “Access granted”
3. Note the model ID pattern: anthropic.claude-sonnet-4-5-*

Troubleshooting

Model Not Available

• Issue: Claude Sonnet 4.5 not listed
• Solution: Check you’re in a supported region

Access Denied After Deployment

• Issue: Bot shows “Model access required” error
• Solution:
  1. Enable model access as shown above
  2. Wait for “Access granted” status
  3. No need to redeploy - the bot will work automatically

Request Pending Too Long

• Issue: Status stuck on “Pending”
• Solution:
  1. Cancel and resubmit the request
  2. Contact AWS Support if issues persist

Good to Know

Model Costs

• Input: $3.00 per million tokens
• Output: $15.00 per million tokens
• Average command uses ~500-2000 tokens
• Built-in cost tracking alerts you at $5 milestones

Alternative Models

Currently, only Claude Sonnet 4.5 is supported. Support for additional models may be added in future releases.

Next Step

Once Bedrock access is enabled:

Continue to AWS Marketplace →

3 - AWS Marketplace Subscription

What You’ll Get

The AWS Marketplace subscription provides:

• Official CloudFormation template
• Pre-built container images
• Automatic updates
• AWS support integration
• Simplified billing through AWS

Subscription Steps

1. Navigate to AWS Marketplace

Open the Ohlala SmartOps product page:

AWS Marketplace - Ohlala SmartOps

2. View Purchase Options

Click “View purchase options” to start the subscription process.

3. Subscribe to the Product

Scroll down and click “Subscribe” to accept the terms.

4. Launch Your Software

Once subscribed, click “Launch your software” to proceed with deployment.

5. Download CloudFormation Template

1. Select “Amazon ECS” as the launch method
2. Click the “cloudformation template” link to download
3. Save the template file locally - you’ll need it in the next steps
4. Alternatively, you can download the cloudformation template here: Download Template

Verify Subscription

Check Subscription Status

1. Go to AWS Marketplace → Manage subscriptions
2. Find “Ohlala SmartOps” in your subscriptions
3. Verify status shows “Active”

Download Template Backup

Common Questions

Q: Can I cancel anytime?

A: Yes, you can cancel the subscription anytime through AWS Marketplace. You only pay for resources used.

Q: Can I deploy multiple instances?

A: Yes, you can deploy multiple stacks using the same subscription. Contact us for volume licensing.

Q: How do updates work?

A: Updates are provided through new versions in Marketplace. You can update at your convenience.

Next Step

With your subscription active and template downloaded:

Continue to Azure Bot Setup →

4 - Azure Bot Registration

What You’ll Create

• Azure Bot resource for Teams integration
• Authentication credentials (App ID, Password, Tenant ID)
• Secure communication channel with Teams

Step-by-Step Setup

1. Access Azure Portal

Navigate to Azure Portal and sign in:

https://portal.azure.com

2. Create Resource Group (Optional)

It’s recommended to create a dedicated resource group:

1. Search for “Resource groups” in the search bar
2. Click “Create”
3. Configure:
   • Subscription: Your Azure subscription
   • Resource group: ohlala-smartops-rg
   • Region: Choose any region (e.g., North Europe)
4. Click “Review + create” then “Create”

3. Create Azure Bot

Search for Azure Bot

In the Azure Portal search bar, type “Azure Bot” and select it from the marketplace.

Configure Bot Settings

Fill in the bot configuration:

Bot handle: OhlalaSmartOps
Subscription: Your Azure subscription
Resource group: ohlala-smartops-rg (or your chosen group)
Location: North Europe (or your preferred region)
Pricing tier: F0 (Free)
Type: Single Tenant (default)
Microsoft App ID: Create new

Click “Review + create” then “Create”. Deployment takes about 1-2 minutes.

4. Get Authentication Credentials

After deployment completes, go to your bot resource.

Navigate to Configuration

1. Go to Settings → Configuration
2. You’ll see the Microsoft App ID - copy and save this

Create App Password

1. Click “Manage Password” next to the App ID
2. In the new window, click “New client secret”

3. Configure the secret:
   • Description: Ohlala SmartOps Bot Secret
   • Expires: Choose duration (recommend 24 months)

4. Click “Add”
5. IMPORTANT: Copy the secret value immediately!

Get Tenant ID

The Tenant ID is shown in the Azure Portal:

1. Click on your account menu (top right)
2. Select “Switch directory”
3. Your Tenant ID is displayed there

Alternatively:

1. Go to Azure Active Directory
2. The Tenant ID is on the overview page

Save Your Credentials

You now have three critical values needed for deployment:

5. Configure Teams Channel

1. Open Channels Page

In your Azure Bot resource, navigate to Channels in the left sidebar.

2. Add Microsoft Teams Channel

1. Click on the Microsoft Teams icon
2. Accept the terms and click “Agree”

3. Click on Apply

Common Issues

Issue: Free Tier Not Available

Solution: F0 tier is limited to one per subscription. Use S1 (Standard) tier instead (~$0.50/month).

Issue: Can’t Create App Password

Solution: You need appropriate permissions in Azure AD. Contact your Azure administrator.

Issue: Lost App Password

Solution: You can create a new client secret:

1. Go to Bot Configuration → Manage Password
2. Create a new client secret
3. Update your deployment with the new password

Next Step

With your Azure Bot configured and credentials saved:

Continue to CloudFormation Deployment →

5 - Google Cloud Setup

What You’ll Create

• Google Cloud Project
• Service Account with JSON credentials
• Enabled Google Chat API

Prerequisites

Before starting, ensure you have:

• Google Cloud Platform account with billing enabled
• Google Workspace account (Business, Enterprise, or Education)

Step-by-Step Setup

1. Create Google Cloud Project

Set Up Project

1. Go to Google Cloud Console
2. Click Select a project then New Project

3. Enter project name: ohlala-smartops (or your preferred name)

4. Click Create

5. Wait for project creation to complete

2. Enable Google Chat API

1. In Google Cloud Console, go to APIs & Services then Library

2. Search for Google Chat API

3. Click Google Chat API

4. Click Enable

3. Create Service Account

Create the Account

1. Go to IAM & Admin then Service Accounts
2. Click Create Service Account

3. Enter details:
   • Name: ohlala-smartops-bot
   • ID: ohlala-smartops-bot (auto-generated)
   • Description: Service account for Ohlala SmartOps Chat app
4. Click Create and Continue
5. Skip the optional steps (roles, access)
6. Click Done

Generate JSON Key

1. Click on your new service account
2. Go to Keys tab
3. Click Add Key then Create new key
4. Select JSON format
5. Click Create
6. Save the downloaded JSON file securely

4. Prepare Credentials for CloudFormation

You’ll need two values for CloudFormation deployment:

Convert JSON to Single Line

The service account JSON must be on a single line for CloudFormation. Use one of these methods:

Linux/Mac:

cat service-account.json | jq -c

Windows (PowerShell):

Get-Content service-account.json | ConvertFrom-Json | ConvertTo-Json -Compress

Summary

At this point, you should have:

• Google Cloud Project created
• Project ID noted for CloudFormation
• Google Chat API enabled
• Service Account created
• JSON key downloaded and converted to single line

Next Step

You’re ready to deploy the CloudFormation stack with your Google Chat credentials:

Continue to CloudFormation Deployment →

6 - Deploy CloudFormation Stack

What Gets Deployed

The CloudFormation stack creates:

• ECS Fargate cluster with container services
• API Gateway for Teams and/or Google Chat webhooks
• Network infrastructure (VPC, subnets, security groups)
• IAM roles with appropriate permissions
• Secrets Manager for credentials
• CloudWatch logs for monitoring

Deployment Steps

1. Open CloudFormation Console

Navigate to CloudFormation in your target region:

https://console.aws.amazon.com/cloudformation/home

2. Create New Stack

Click “Create stack” and choose “With new resources (standard)”

3. Upload Template

1. Select “Choose an existing template”
2. Select “Upload a template file”
3. Click “Choose file” and select the template downloaded from AWS Marketplace
4. Click “Next”

4. Configure Stack Parameters

Stack Name

Enter a unique stack name: OhlalaSmartOps (or your preference)

Required Parameters

Fill in the mandatory parameters:

Teams Parameters (required when ChatPlatform is Teams or Both)

Google Chat Parameters (required when ChatPlatform is GoogleChat or Both)

VPC Configuration (if NewVPC)

Keep defaults or customize:

• VPCCIDR: 10.0.0.0/16
• PublicSubnet1CIDR: 10.0.1.0/24
• PublicSubnet2CIDR: 10.0.2.0/24
• PrivateSubnet1CIDR: 10.0.10.0/24
• PrivateSubnet2CIDR: 10.0.11.0/24
• EnableNATGateway: true

Security & Reports Configuration

Schedule Examples:

• cron(0 8 * * ? *) - Every day at 8am UTC
• cron(0 9 ? * MON-FRI *) - Weekdays at 9am UTC
• cron(0 14 * * ? *) - Every day at 2pm UTC

Click “Next”

5. Configure Stack Options

On the stack options page:

• Tags: (Optional) Add tags for resource organization
• Permissions: Leave default
• Advanced options: Leave default

Click “Next”

6. Review and Create

1. Review all settings
2. Check the acknowledgment box:
   • I acknowledge that AWS CloudFormation might create IAM resources with custom names

3. Click “Submit”

7. Monitor Deployment

The stack creation takes 5-10 minutes. Monitor progress:

1. Select your stack in the CloudFormation console
2. Check the Events tab for real-time updates
3. Wait for status: CREATE_COMPLETE

Get Stack Outputs

Once deployment completes, get the important URLs:

1. Select your stack
2. Go to the Outputs tab
3. Save these values:

Verify Deployment

Check ECS Service

1. Go to ECS Console → Clusters
2. Find your cluster (e.g., OhlalaSmartOps-Cluster-...)
3. Check service shows 1 running task

Check API Gateway

1. Go to API Gateway Console
2. Find your API (e.g., OhlalaSmartOps-API-...)
3. Verify endpoints are created

Check Health Endpoint

Test the health endpoint (no authentication required):

curl https://your-api-id.execute-api.region.amazonaws.com/prod-stackname/health

Should return: {"status": "healthy"}

Troubleshooting

Stack Creation Failed

IAM Role Already Exists

Error: “Resource of type ‘AWS::IAM::Role’ with identifier already exists” Solution: Use a different stack name, or delete the existing role first

Insufficient Permissions

Error: “User is not authorized to perform: iam:CreateRole” Solution: Ensure you have admin permissions or required IAM policies

Service Quota Exceeded

Error: “Service quota exceeded” Solution: Request quota increase or deploy in different region

Stack Stuck in CREATE_IN_PROGRESS

• Check Events tab for specific resource causing delay
• ECS service can take 3-5 minutes to stabilize
• If stuck >15 minutes, consider deleting and retrying

Next Step

With infrastructure deployed and webhook URL ready, continue based on your ChatPlatform selection:

• Teams or Both: Continue to Teams Integration
• GoogleChat or Both: Continue to Google Chat Integration

7 - Connect to Microsoft Teams

What You’ll Configure

• Azure Bot webhook endpoint
• Teams channel connection
• Bot app installation
• Initial testing

Integration Steps

1. Configure Webhook in Azure Bot

Get the Webhook URL

From your CloudFormation stack outputs, copy the TeamsWebhookURL:

https://xxx.execute-api.region.amazonaws.com/prod-stackname/api/messages

Update Bot Configuration

1. Go to Azure Portal
2. Navigate to your Azure Bot resource
3. Go to Configuration under Settings
4. Set Messaging endpoint to your webhook URL
5. Click Apply to save

2. Install Teams App

1. Download the Teams app package:

   Ohlala SmartOps Teams App

2. Customize the manifest:

   • Extract the zip file
   • Edit manifest.json
   • Replace YOUR_APP_ID with your Microsoft App ID
   • Re-zip the files

3. Install in Teams:

   • Open Microsoft Teams
   • Go to Apps in the left sidebar, then Manage your apps
   • Click Upload an app
   • Select Upload a custom app
   • Choose your zip file
   • Click Add to install

N.B.: You can also ask your Teams admin to upload the app for you if you lack permissions on Teams Admin portal

4. Add Bot to Team or Chat

For Personal Use

1. Find Ohlala SmartOps in your apps
2. Click Add
3. Start chatting directly with the bot

For Team Use

1. Go to your team
2. Click ⋮ (More options) → Manage team
3. Go to Apps tab
4. Click Upload a custom app
5. Select your app
6. Click Add to team

Test the Connection

Send Test Message

In Teams, message the bot:

@Ohlala SmartOps hello

Expected response:

Hello! I’m Ohlala SmartOps, your AI-powered AWS infrastructure assistant. Type ‘/help’ to see what I can do for you.

Test Basic Command

Try a simple command:

@Ohlala SmartOps /help

The bot should respond with a help card showing available commands.

Verify Integration

Check Connection Status

In Azure Portal

1. Go to your bot → Channels
2. Microsoft Teams should show Running
3. Click Microsoft Teams to see activity

In AWS Console

1. Go to CloudWatch → Log Groups
2. Find /aws/ecs/ohlala-smartops-...
3. Check for incoming request logs

Monitor API Gateway

1. Go to API Gateway Console
2. Select your API
3. Go to Dashboard
4. You should see incoming requests when messaging the bot

Troubleshooting

Bot Not Responding

Check Webhook URL

• Verify URL in Azure Bot Configuration matches CloudFormation output exactly
• Ensure it includes the full path with /api/messages

Check ECS Service

• Go to ECS Console
• Verify service has 1 running task
• Check task logs for errors

Test Health Endpoint

curl https://your-api.execute-api.region.amazonaws.com/prod-stackname/health

“Service Unavailable” Error

Causes:

• ECS task not running
• API Gateway misconfigured
• Authentication failing

Solution:

1. Check ECS service is running
2. Verify API Gateway deployment
3. Check CloudWatch logs for details

Authentication Errors

Symptoms: 401 or 403 errors in logs

Solution:

1. Verify Microsoft App credentials in Secrets Manager
2. Ensure Tenant ID is correct
3. Check Lambda authorizer logs

Teams App Installation Issues

“App not found”:

• Ensure manifest.json has correct App ID
• Verify bot is published in Azure

“Permissions required”:

• Contact Teams admin to allow custom apps
• Check organizational app policies

Success Checklist

Confirm everything is working:

• Azure Bot shows Teams channel as Running
• Webhook URL configured correctly
• Teams app installed successfully
• Bot responds to messages
• Help command works
• No errors in CloudWatch logs

Next Step

Your bot is connected! Now let’s verify everything and run your first commands:

Continue to Verification & Testing →

8 - Connect to Google Chat

What You’ll Configure

• Chat app settings with webhook URL
• App visibility and permissions
• Bot installation in Google Chat

Prerequisites

Before starting, ensure you have:

• Google Cloud Project created with Chat API enabled (Google Cloud Setup)
• CloudFormation stack deployed with ChatPlatform set to GoogleChat or Both
• GoogleChatWebhookURL from CloudFormation stack outputs

Integration Steps

1. Get the Webhook URL

1. Go to AWS CloudFormation Console
2. Select your stack
3. Go to the Outputs tab
4. Copy the GoogleChatWebhookURL value

The URL looks like: https://xxx.execute-api.region.amazonaws.com/prod-stackname/api/google-chat

2. Configure Chat App

Access Chat API Configuration

1. Go to Google Chat API Configuration
2. Or navigate: APIs & Services then Enabled APIs then Google Chat API then Configuration

Fill App Information

App name: Ohlala SmartOps

Avatar URL: https://767397776277-marketplace.s3.us-east-1.amazonaws.com/Ohlala_logo.png

Description: AI-powered AWS infrastructure management assistant

Enable Interactive features: ON

Configure App URL

Functionality: Select both:

• Receive 1:1 messages
• Join spaces and group conversations

Connection settings:

• Select HTTP endpoint URL > Use a common HTTP endpoint URL for all triggers

• Enter your Google Chat webhook URL from CloudFormation outputs:

  https://xxx.execute-api.region.amazonaws.com/prod-stackname/api/google-chat

Authentication Audience: Select App URL

Set Visibility

1. Select “Make this Chat app available to specific people and groups”
2. Click Add people or groups
3. Enter email addresses of all users who need access to the bot
4. Click Save

3. Add Bot to Google Chat

For Personal Use (Direct Message)

1. Open Google Chat
2. Click + New chat then type “smartops”

3. Search for Ohlala SmartOps
4. Click on the app
5. Click Add
6. Start chatting directly with the bot

For Space Use (Group)

1. Open or create a Google Chat space
2. Click the space name then Integrations
3. Click Add apps
4. Search for Ohlala SmartOps
5. Click Add
6. The bot will appear in the space

Test the Connection

Send Test Message

In Google Chat, message the bot:

@Ohlala SmartOps hello

Or in a direct message:

hello

Expected response:

Hello! I’m Ohlala SmartOps, your AI-powered AWS infrastructure assistant. Type ‘/help’ to see what I can do for you.

Test Basic Command

Try a simple command:

/help

The bot should respond with a help card showing available commands.

Verify Integration

Check Google Chat API

1. Go to Google Cloud Console
2. Navigate to APIs & Services → Dashboard
3. Find Google Chat API
4. Click to see usage metrics

Check AWS CloudWatch Logs

1. Go to CloudWatch → Log Groups
2. Find /aws/ecs/ohlala-smartops-...
3. Look for logs containing google-chat or incoming POST requests
4. Verify requests are being received and processed

Monitor API Gateway

1. Go to API Gateway Console
2. Select your API
3. Go to Dashboard
4. You should see requests to /api/google-chat endpoint

Troubleshooting

Bot Not Responding

Check Webhook URL

• Verify URL in Google Chat API Configuration matches CloudFormation output
• Ensure it includes the full path with /api/google-chat

Check ECS Service

• Go to ECS Console
• Verify service has running tasks
• Check task logs for errors

Verify Google Chat is Enabled

• Check CloudFormation parameter ChatPlatform is GoogleChat or Both
• Verify ECS task has the environment variable set

“App Not Found” in Search

Causes:

• App visibility not configured correctly
• You’re not in the allowed users/groups list
• App not yet published (may take a few minutes)

Solution:

1. Go to Chat API Configuration
2. Check Visibility settings
3. Add your email to allowed users
4. Wait a few minutes and try again

Authentication Errors

Symptoms: 401 or 403 errors in CloudWatch logs

Solution:

1. Verify service account JSON was correct in CloudFormation
2. Check the JSON was properly formatted (single line, no extra quotes)
3. Verify Project ID matches the service account’s project
4. Check Lambda authorizer logs for specific error messages

“Service Unavailable” Error

Causes:

• ECS task not running
• API Gateway misconfigured
• JWT validation failing

Solution:

1. Check ECS service is running
2. Verify API Gateway deployment
3. Check CloudWatch logs for Lambda authorizer errors
4. Verify the audience URL in Chat API Configuration matches your endpoint

Card Rendering Issues

Google Chat uses a different card format than Teams. If cards don’t render correctly:

1. Check CloudWatch logs for card formatting errors
2. Verify the QuickChart sidecar container is running in ECS
3. Check S3 bucket for chart images (if using charts)

Google Chat vs Teams Differences

Success Checklist

Confirm everything is working:

• Chat app configured with correct webhook URL
• App visibility settings allow your access
• Bot appears in Google Chat app search
• Bot responds to messages
• Help command works
• No errors in CloudWatch logs

Next Step

Your bot is connected to Google Chat! Now verify everything is working:

Continue to Verification & Testing →

9 - Verification & Testing

Deployment Checklist

Before testing commands, verify each component:

AWS Infrastructure

• CloudFormation stack shows CREATE_COMPLETE
• ECS service has 1 running task
• API Gateway endpoint responds to health check
• CloudWatch logs are being created
• Secrets Manager contains credentials

Microsoft Teams (if using Teams)

• Azure Bot shows Teams channel as Running
• Webhook URL is configured correctly
• Teams app is installed
• Bot appears in Teams chat/channel

Google Chat (if using Google Chat)

• Google Chat API enabled and configured
• Service account credentials stored in CloudFormation
• Chat app appears in Google Chat search
• Bot is added to a space or direct message

Bedrock

• Claude Sonnet 4.5 shows Access granted
• Model is available in deployment region

Your First Commands

The commands below work in both Microsoft Teams and Google Chat. In Teams, use @Ohlala SmartOps to mention the bot. In Google Chat direct messages, you can type commands directly without mentioning.

1. Test Connection

Teams: @Ohlala SmartOps hello

Google Chat (direct message): hello

Expected Response: Friendly greeting confirming the bot is working

2. Get Help

Teams: @Ohlala SmartOps help

Google Chat: /help

Expected Response: Interactive card with available commands and examples

3. Check Instance Status

show me my EC2 instances

Expected Response: List of your EC2 instances with status information

4. Health Report

/health

Expected Response: Detailed health metrics for your instances

5. Natural Language Query

which instances are running in us-east-1?

Expected Response: Filtered list based on your query

Advanced Testing

Test SSM Integration

@Ohlala SmartOps check disk space on i-1234567890abcdef0

• Verifies SSM command execution
• Returns disk usage information

Test Cost Analysis

@Ohlala SmartOps analyze my EC2 costs

• Checks CloudWatch metrics access
• Provides cost optimization suggestions

Test Multi-Instance Commands

@Ohlala SmartOps show me all stopped instances

• Tests filtering and analysis capabilities
• Demonstrates natural language understanding

Monitoring Your Deployment

CloudWatch Metrics

Monitor key metrics in CloudWatch:

1. ECS Service

   • CPU utilization (should be <50%)
   • Memory utilization (should be <70%)
   • Task count (should be 1)

2. API Gateway

   • Request count
   • 4XX/5XX errors (should be minimal)
   • Latency (should be <3 seconds)

3. Bedrock Usage

   • Token consumption
   • API throttling events
   • Model invocation errors

Common Issues & Solutions

Issue: Bot Not Responding

Quick Diagnosis:

# Check health endpoint
curl https://your-api.execute-api.region.amazonaws.com/prod-stackname/health

Solutions:

1. Check ECS task is running
2. For Teams: Verify webhook URL in Azure Bot configuration
3. For Google Chat: Verify webhook URL in Chat API Configuration
4. Ensure the app is installed correctly
5. Review CloudWatch logs

Issue: “Model Access Required” Error

Symptom: Bot responds but shows Bedrock error

Solution:

1. Go to Bedrock Console then Model access
2. Enable Claude Sonnet 4.5
3. Wait for “Access granted”
4. Retry command (no restart needed)

Issue: No Instances Found

Symptom: Bot works but doesn’t see EC2 instances

Checks:

1. Instances are in same region as deployment
2. Instances have SSM agent installed
3. IAM permissions are correct
4. Try: list all instances in all regions

Issue: Commands Timeout

Symptom: Bot shows “thinking” but never responds

Solutions:

1. Check ECS task memory/CPU
2. Look for Bedrock throttling
3. Verify network connectivity
4. Scale ECS service if needed

Issue: Teams Authentication Failures

Symptom: 401/403 errors in logs for Teams requests

Solutions:

1. Regenerate Azure Bot credentials
2. Update Secrets Manager
3. Restart ECS service
4. Check tenant ID is correct

Issue: Google Chat Authentication Failures

Symptom: 401/403 errors in logs for Google Chat requests

Solutions:

1. Verify service account JSON is correctly formatted (single line)
2. Check the service account has the correct permissions
3. Verify the Project ID matches the service account
4. Check the Authentication Audience setting in Chat API Configuration

Best Practices

1. Start simple: Use basic commands first
2. Be specific: Include instance IDs for targeted actions
3. Use natural language: The bot understands context
4. Review suggestions: Always verify before applying changes

Success Indicators

Your deployment is successful when:

• Bot responds within 2-3 seconds
• All test commands work
• No errors in CloudWatch logs
• Costs align with expectations
• Team members can use the bot

Next Steps

Now that your bot is working:

1. Explore Features

   • Try advanced commands
   • Experiment with natural language queries
   • Review health and cost reports

2. Train Your Team

   • Share the bot with team members
   • Create usage guidelines
   • Document common workflows

Getting Help

If you encounter issues:

1. Check Documentation

   • Troubleshooting Guide

2. Contact Support

   • Email: support@ohlala.cloud
   • Include: Stack name, region, error messages

3. Community Resources

   • Email: support@ohlala.cloud
   • AWS Forums
   • Teams Community

Congratulations

You’ve successfully deployed Ohlala SmartOps. Your AI-powered infrastructure assistant is ready to help manage your AWS environment through natural language conversations in Microsoft Teams, Google Chat, or both.

Happy automating!