Using the call analytics resource access role for the Amazon Chime SDK

The calling account must create the resource access role used by a media insights pipeline configuration. You can't use cross-account roles.

Depending on the features that you enable when you create a call analytics configuration, you must use additional resource policies. Expand the following sections to learn more.

The role requires the following policy, at a minimum:

You must also use the following trust policy:

If you use the KinesisDataStreamSink, add the following policy:

If you use the S3RecordingSink, add the following policy:

If you use the Post Call Analytics feature of the AmazonTranscribeCallAnalyticsProcessor, add the following policy:

If you use the VoiceEnhancementSinkConfiguration element, add the following policy:

If you use the VoiceAnalyticsProcessor, add the policies for LambdaFunctionSink, SqsQueueSink, and SnsTopicSink depending on which sinks you have defined.

LambdaFunctionSink policy:

SqsQueueSink policy

SnsTopicSink policy:

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Pausing and resuming call analytics pipelines

Understanding the call analytics statuses