Understanding Amazon Q Business User Store - Amazon Q Business

Understanding Amazon Q Business User Store

With the Amazon Q Business User Store feature, end users see Amazon Q chat responses generated only from the documents that they have access to within an Amazon Q application. To achieve this, Amazon Q creates a mapping within the data sources attached to that application. The mapping is between every unique user accessing the application and all the user IDs and user groups that they are associated with. Amazon Q stores this principal mapping information in its internal User Store. During chat, Amazon Q uses the mapping information to return answers that are scoped to a user’s identity.

When you use the API, you use the User Store API actions to customize and configure your user management solution. For more details, see Using User Store APIs.

When you use the console, Amazon Q automatically crawls user and group information during the connector setup process. You can't create, add, or customize users and groups to the user store using the AWS Management Console.


The User Store feature is not available for the Amazon S3 and Amazon Q Web Crawler connectors that are used with Amazon Q. For more information about using access control information for user identity specific chat responses for these connectors, see Amazon S3 and Amazon Q Web Crawler.