Prerequisites for connecting Amazon Q Business to Microsoft Exchange

In Microsoft Exchange, make sure you have:

Created a Microsoft Exchange account in Office 365.
Copied your Microsoft 365 tenant ID. You can find your tenant ID in the Properties of your Azure Active Directory Portal. For more information, see Find your Microsoft 365 tenant ID on the Microsoft website.
Configured an OAuth 2.0 credential token containing a client ID and client secret.

Added the following permissions for the connector application:

Microsoft Graph	Office 365 Exchange Online
Mail.Read (Application) Mail.ReadBasic (Application) Mail.ReadBasic.All (Application) Calendars.Read (Application) User.Read.All Application) Contacts.Read (Application) Notes.Read.All (Application) Directory.Read.All (Application) EWS.AccessAsUser.All (Delegated)	full_access_as_app (Application)

In your AWS account, make sure you have:

Created an IAM role for your data source and, if using the Amazon Q API, noted the ARN of the IAM role.
Stored your Microsoft Exchange authentication credentials in an AWS Secrets Manager secret and, if using the Amazon Q API, noted the ARN of the secret.

Note
If you’re a console user, you can create the IAM role and Secrets Manager secret as part of configuring your Amazon Q application on the console.

For a list of things to consider while configuring your data source, see Data source connector configuration best practices.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Overview

Using the console