Secure File Share Slack App

An app that automates file sharing with Azure AI, logs sender and file into in Table storage, and sends real-time Slack alerts -- secure, smart and seamless.

Comment

Inspiration

The idea came from the need to share files securely by classifying the documents in corporate environments, especially when sensitive documents like Contracts, Invoices or any documents that has PII involved. I wanted to automate the entire process - From uploading the file to slack notification and ensuring every shared document is processed with intelligence and accountability.

What it does

This allows user to upload the document via web app along with information about which slack group that person want to share the file. This info is stored in table storage. Once the file is uploaded, a logic app triggers Azure AI services like Document Intelligence and Computer Vision to analyze the document and classify it. Finally, a slack notification is sent with the SAS URI of the file to intended recipient or channel.

How we built it

  1. GitHub Copilot
    2.
    • Used GitHub Copilot in Visual Studio Code to accelerate the development of Python and Flask code.
    • Copilot helped generate boilerplate code for Flask routes, file upload handling, and error handling.
    • Assisted in writing Azure SDK calls for integrating services like Blob Storage and Table Storage.
  2. Visual Studio Code
    3.
    • VS Code is my primary development environment to build the front end of my application using Python and Flask.
    • It offered rich support for Python, Flask, HTML and made it easy to manage templates and static assets.
    • With the help of extensions like Python, Flask snippets and prettier, I could write efficient code. I also utilized the integrated terminal and debugger for testing and trouble shooting throughout the development lifecycle.
  3. Azure Web App
    4.
    • Hosted the flask-based Python web application.
    • Handled file uploads and metadata inputs.
    • Enabled scalable and reliable deployment integrated with other Azure services.
  4. Azure Logic App
    5.
    • Automatically triggered once the file is dropped in Azure Blob Storage.
    • Orchestrated the end to end workflow that is to read metadata, fetch file and contents, call AI services and post the message on slack
  5. Azure Blob Storage
    6.
    • Used to store uploaded files such as documents and images securely in a container.
    • Implemented container-level policies and SAS tokens for secure access.
  6. Azure Table Storage
    7.
    • Metadata for each uploaded file like filename, from_user, to_user or slack channel stored in a table
    • Used this as a lightweight, fast access metadata store
    • Logic app fetched the data from this table to determine routing.
  7. Azure Document Intelligence
    8.
    • Processed documents such as Resumes, Invoices, contracts etc. which are in various forms like csv, excel, word, pdf, ppt etc.
    • Based on the content in the file, this determined the classification of the file.
  8. Azure AI Vision
    9.
    • I used this to process the images and screenshots which might contain PII information.
    • This extracted text(OCR) and sent to Document intelligence for classification.
  9. Azure Key Vault
    10.
    • Utilized Azure Key Vault to securely manage secrets such as Access Keys, Client ID and Client Secret.
    • Azure Webapp is integrated with Azure Key Vault to fetch this information from secrets.
  10. Slack
    • After classifying the file, Logic App sends a real time notification to the specified Slack channel or user with SAS URI, from_user and the file classification.

Challenges we ran into

Initially I intended to do a Teams integration, spent a lot of time trying to configure Teams using app registrations, direct logins etc. but I don't have the necessary licenses to make it work, so I chose a different messaging app.

Accomplishments that we're proud of

  1. Fully automated pipeline with no manual intervention.
  2. A scalable solution using native Azure components with minimal custom code.
  3. Successfully integrated AI services to extract and classify the documents.

What we learned

  1. Efficient use of Azure Table Storage for lightweight metadata logging instead of spinning up a SQL database.
  2. Working with Azure AI services - AI Vision and Document Intelligence
  3. Learned a lot on various connectors inside Azure Logic Apps.

What's next for Secure File Share Slack App

  1. Currently, authentication is not configured. I would like to add authentication to restrict uploads and access only to the Entra or authenticated users.
  2. Life cycle management based on the type of document. If it is Highly classified then the access must be restricted to few minutes and also delete the file from Storage account.
  3. Expand to Outlook and Microsoft Teams integration.

Built With

  • azure-ai-vision
  • azure-document-intelligence
  • azure-logic-app
  • azure-storage-account
  • azure-web-app
  • flask
  • python
Share this project:

Updates