Prerequisites for connecting Amazon Q Business to Gmail

Before you begin, make sure that you have completed the following prerequisites.

In Gmail, make sure you have:

Created a Google Cloud Platform admin account and have created a Google Cloud project.
Activated the Gmail API and Admin SDK API in your admin account.
Created a service account and downloaded a JSON private key for your Gmail. For information about how to create and access your private key, see Create a service account key and Service account credentials on the Google Cloud website.
Copied your admin account email, your service account email, and your private key to use for authentication.
Added the following Oauth scopes (using an admin role) for your user and the shared directories you want to index:
- https://www.googleapis.com/auth/admin.directory.user.readonly
- https://www.googleapis.com/auth/gmail.readonly

In your AWS account, make sure you have:

Created an IAM role for your data source and, if using the Amazon Q API, noted the ARN of the IAM role.
Stored your Gmail authentication credentials in an AWS Secrets Manager secret and, if using the Amazon Q API, noted the ARN of the secret.

Note
If you’re a console user, you can create the IAM role and Secrets Manager secret as part of configuring your Amazon Q application on the console.

For a list of things to consider while configuring your data source, see Data source connector configuration best practices.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Overview

Using the console