Amazon Connect
Administrator Guide

Configuring Your Amazon Connect Instance

You can configure your Amazon Connect instance using the AWS Management Console. To access instance settings, choose the name of the instance in the Instance Alias column.

Overview

The Overview section displays the following information about your Amazon Connect instance.

  • Instance ARN—the ARN for the instance. The instance ID for the instance is included in the ARN, and is the value after the instance/. For example, the instance ID in the following instance ARN is df9e742b-310b-4eb2-a062-31bc99177ed4.

    arn:aws:connect:us-east-1:361814831152:instance/df9e742b-310b-4eb2-a062-31bc99177ed4

  • Directory—The instance alias for the instance.

  • Login URL—The URL to use in a browser to log in directly to the contact center for your instance.

    If your agents (users that are assigned only the Agent security profile) try to use this URL to log in to Amazon Connect, "Error 403! (Forbidden) is displayed on the page. The agent can still open the Contact Control Panel (CCP) by selecting the phone icon in the top-right corner of the page.

You can use the Login as administrator button to log in to the instance using your AWS account with full admin permissions. This can be helpful if you ever forgot the password for the admin account, or need to update Amazon Connect settings.

Telephony

Select whether to accept incoming calls to, or allow outbound calls from, your Amazon Connect instance. You can use security profiles to set permissions to enable or disable outbound calling.

Data Storage

Data, such as call recordings and reports, is stored securely in an Amazon S3 bucket. During setup, a default Amazon S3 bucket is created and encrypted using AWS Key Management Service. This bucket and key are used for both calling recordings and reports. Alternatively, you can use separate buckets and keys for call recordings and reports.

Call recordings in Amazon Connect are stored as .wav files, and played back in 8 Khz pulse-code modulation (PCM) format.

Before updating the data storage settings, ensure that you are familiar with Amazon S3 and AWS KMS.

To update data storage settings

  1. Open the Amazon Connect console at https://console.aws.amazon.com/connect/.

  2. Choose the name of the instance from Instance Alias.

  3. In the navigation pane, choose Data storage.

  4. To update the settings for call recordings, do the following:

    1. For Call recordings, choose Edit.

    2. (Optional) To disable call recordings, clear Enable call recording.

    3. (Optional) If call recordings are enabled, you can create a new S3 bucket or select an S3 bucket that you've already created.

    4. (Optional) If call recordings are enabled, you can update the encryption settings as needed. To disable encryption, clear Enable encryption. To update the KMS key, specify a key from the same region as your S3 bucket.

    5. To save your changes, choose Save.

  5. To update the settings for exported reports, do the following:

    1. For Exported reports, choose Edit.

    2. (Optional) To disable exported reports, clear Enable exported reports.

    3. (Optional) If exported reports are enabled, you can create a new S3 bucket or select an S3 bucket that you've already created.

    4. (Optional) If exported reports are enabled, you can update the encryption settings as needed. To disable encryption, clear Enable encryption. To update the KMS key, specify a key from the same region as your S3 bucket.

    5. To save your changes, choose Save.

Data Streaming

You can export contact trace records (CTRs) and agent events from Amazon Connect and perform real-time analysis on contacts. Data streaming uses the Amazon Kinesis platform to support data streaming.

To set up data streaming

  1. Open the Amazon Connect console at https://console.aws.amazon.com/connect/.

  2. Choose the name of the instance from Instance Alias.

  3. In the navigation pane, choose Data streaming.

  4. Choose Enable data streaming.

  5. Select Kinesis or Kinesis Data Firehose, and then do one of the following:

    • To use an existing Amazon Kinesis stream or Kinesis Data Firehose, select the resource in the drop-down list.

    • To create a new resource, choose Create a new Amazon Kinesis stream (or Kinesis Data Firehose).

      This opens the Amazon Kinesis console where you can create the stream or firehose to use with Amazon Connect. Wait until the stream or firehose is created, then return to the Amazon Connect console.

      Reload the page so that the stream or firehose you created is displayed in the resource selection, then select the stream or firehose.

    Note

    If you enable server-side encryption for the Kinesis stream you select, Amazon Connect cannot publish to the stream because it does not have permission to Kinesis kms:GenerateDataKey. To work-around this, enable encryption for call recordings or scheduled reports, create a customer master key (CMK) using KMS to use for encryption, and then choose the same CMK for your Kinesis data stream that you use for call recording or scheduled reports encryption so that Amazon Connect has appropriate permissions to encrypt data sent to Kinesis. To learn more about creating a customer master key (CMK) KMS key, see Creating Keys.

  6. Choose Save.

Application Integration

All domains that embed the CCP for a particular instance must be explicitly whitelisted for cross-domain access to the instance. For example, to integrate with Salesforce, you must whitelist your Salesforce Visualforce domain.

To whitelist a domain URL

  1. Open the Amazon Connect console at https://console.aws.amazon.com/connect/.

  2. Choose the name of the instance from Instance Alias.

  3. In the navigation pane, choose Application integration.

  4. Choose Add origin.

  5. Type the URL and choose Add.

Contact Flows

A contact flow defines the customer experience with the contact center from start to end. You can configure your contact flow using the AWS Management Console as follows.

Security Keys

Amazon Connect can encrypt sensitive data collected by contact flows using public-key cryptography. Provide an X.509 certificate within your contact flow to encrypt data captured using the stored customer input system attribute. You must upload a signing key in .pem format in order to use this feature. The signing key is used to verify the signature of the certificate used within the contact flow.

Note

You can have up to two signing keys active at one time to facilitate rotation.

Data that is encrypted within a contact flow is made available through the stored customer input system attribute. The AWS Encryption SDK can be used to decrypt this data within your system. For more information, see the AWS Encryption SDK Developer Guide.

To add a security key

  1. Open the Amazon Connect console at https://console.aws.amazon.com/connect/.

  2. Choose the name of the instance from the Instance Alias column.

  3. In the navigation pane, choose Contact flows.

  4. Choose Add key.

  5. Paste the contents of your public key in Public key contents and choose Add.

Add an Amazon Lex bot to Your Instance

With Amazon Lex, you can build conversational interactions (bots) that feel natural to your customers, giving you access to the same speech recognition and natural language understanding technology that powers Alexa. After you create an Amazon Lex bot, you can add it to your instance and then integrate it into your contact flows. You can add bots from the same region as your Amazon Connect instance, or from a different region.

To add an Amazon Lex bot

  1. Open the Amazon Connect console at https://console.aws.amazon.com/connect/.

  2. Choose the name of the instance from the Instance Alias column.

  3. In the navigation pane, choose Contact flows.

  4. In the Region drop-down list, choose the Region in which you created your Amazon Lex bot.

    If there are bots associated with your AWS account in the chosen region, the bots are displayed in the Bot drop-down list. If no bots are found in the Region, or when there are no additional bots to add from that Region, the drop-down menu is disabled. A message indicates that there are no bots available to choose in that Region.

  5. In the Bots drop-down menu, choose your bot, then choose Add bot.

To create a new bot, Create a new Lex bot to open the Amazon Lex console. You may need to select a region where Amazon Lex is available.

To remove a bot from your instance, choose Remove next to the bot to remove.

Contact flow logs

Select the Enable Contact flow logs check box to start sending your contact flow logs to Amazon CloudWatch. To learn more about Contact flow logs, see Contact Flow Logs.