Connecting Amazon Q Business to Google Drive using the console
The following procedure outlines how to connect Amazon Q Business to Google Drive using the AWS Management Console.
Connecting Amazon Q to Google Drive
-
Sign in to the AWS Management Console and open the Amazon Q Business console.
-
Complete the steps to create your Amazon Q application.
-
Complete the steps for selecting an Amazon Q retriever.
-
Then, from the left navigation menu, choose Data sources.
-
From the Data sources page, choose Add data source.
-
Then, on the Add data sources page, from Data sources, add the Google Drive data source to your Amazon Q application.
You can add up to 50 data sources.
-
Then, on the Google Drive page, enter the following information:
-
Name – Name your data source for easy tracking.
Note: You can include hyphens (-) but not spaces. Maximum of 1,000 alphanumeric characters.
-
Authorization – Amazon Q Business crawls ACL information by default to ensure responses are generated only from documents your end users have access to. See Authorization for more details.
-
For Authentication – Choose between Google service account and OAuth 2.0 authentication, based on your use case.
-
AWS Secrets Manager secret – Choose an existing secret or create a Secrets Manager secret to store your GoogleDrive authentication credentials. If you choose to create a secret, an AWS Secrets Manager secret window opens.
-
If you choose Existing, select an existing secret for Select secret.
If you choose New, enter the following information in the New AWS Secrets Manager secret section:
-
Secret name – A name for your secret.
-
If you chose Google service account, enter the following information:
-
Secret Name – A name for your secret.
-
Admin account email – The email ID of the admin user (the email used by the Service Account User) in your Google service account configuration.
-
Client email – The email ID of the service account.
-
Private Key – The private key created in your service account.
Then, choose Save and add secret.
-
-
If you chose OAuth 2.0 authentication, enter the details of Secret Name, Client ID, Client secret and Refresh token that you created in your service account. Then, choose Save and add secret.
-
-
-
Configure VPC and security group – optional – Choose whether you want to use a VPC. If you do, enter the following information:
-
Subnets – Select up to 6 repository subnets that define the subnets and IP ranges the repository instance uses in the selected VPC.
-
VPC security groups – Choose up to 10 security groups that allow access to your data source. Ensure that the security group allows incoming traffic from Amazon EC2 instances and devices outside your VPC. For databases, security group instances are required.
For more information, see VPC.
-
-
Identity crawler – Amazon Q crawls identity information from your data source by default to ensure responses are generated only from documents end users have access to. For more information, see Identity crawler.
-
IAM role – Choose an existing IAM role or create an IAM role to access your repository credentials and index content.
For more information, see IAM role.
-
In Sync scope, for Sync contents – Choose from the following options to select content to index:
Note
To further limit content to index, use Entity regex patterns in the Additional configuration section.
-
My Drive & Shared with me – My Drive contains a user's personal folders and documents. Shared with me contains all the folders and documents that have been shared with the user. Select this option to index both.
-
Shared drives – Shared drives are folders used to store, access, and share files with a team. Select this option to index these.
-
Comments – Select this option to index file comments.
-
-
For Maximum single file size – Specify the file size limit in MBs that Amazon Q will crawl. Amazon Q will crawl only the files within the size limit you define. The default file size is 50MB. The maximum file size should be greater than 0MB and less than or equal to 50MB.
-
In Additional configuration - optional, enter the following optional information:
-
Maximum file size – Set the maximum file size value that Amazon Q will crawl.
-
User email – Add the user email IDs that you want to include or exclude.
-
Shared drives – Add the shared drives that you want to include or exclude.
-
Mime types – Add the MIME types that you want to include or exclude.
-
Entity patterns – Add regular expression patterns to include or exclude certain folders, files, and file types from My drive, Shared with me, and Shared drives. You can add up to 100 patterns.
-
-
In Sync mode, choose how you want to update your index when your data source content changes. When you sync your data source with Amazon Q for the first time, all content is synced by default.
-
Full sync – Sync all content regardless of the previous sync status.
-
New or modified content sync – Sync only new and modified documents.
-
New, modified, or deleted content sync – Sync only new, modified, and deleted documents.
For more details, see Sync mode.
-
-
In Sync run schedule, for Frequency – Choose how often Amazon Q will sync with your data source. For more details, see Sync run schedule.
-
Tags - optional – Add tags to search and filter your resources or track your AWS costs. See Tags for more details.
-
Field mappings – A list of data source document attributes to map to your index fields. Add the fields from the Data source details page after you finish adding your data source. You can choose from two types of fields:
-
Default – Automatically created by Amazon Q on your behalf based on common fields in your data source. You can't edit these.
-
Custom – Automatically created by Amazon Q on your behalf based on common fields in your data source. You can edit these. You can also create and add new custom fields.
Note
Support for adding custom fields varies by connector. You won't see the Add field option if your connector doesn't support adding custom fields.
For more information, see Field mappings.
-
-
To finish connecting your data source to Amazon Q, select Add data source.
You are taken to the Data source details, where you can view your data source configuration details.
-
In Data source details, choose Sync now to allow Amazon Q to begin syncing (crawling and ingesting) data from your data source. When the sync job finishes, your data source is ready to use.
Note
You can choose to view Amazon CloudWatch logs for your data source sync job by selecting View CloudWatch logs. If you get a
Resource not found exception
when you try to view your CloudWatch logs for a data source sync job in progress, it can be because the CloudWatch logs are not available yet. Wait for some time and check again.You can also view a document-level report in CloudWatch for your data source sync job by selecting View Report. This report will have details about the progress and status of each document in the sync job. It shows if a document succeeded, failed, or was skipped during the crawl, sync, and index stages. You'll also find any error messages related to failed or skipped documents.
If the report doesn't show results for an in-progress sync job, the logs may not be available yet. Check back later as data is emitted to the report as events occur during the sync process.
Note
Documents shared to a specific company domain or with a permission set to General access:Anyone with the link must be accessed by a user before they become visible to search users.