List of security profile permissions in Amazon Connect
The security profile permissions in Amazon Connect allow users access to perform specific tasks in Amazon Connect.
The following tables list:
-
UI name: The name of the permission as it appears on the Security profiles page in Amazon Connect.
-
API name: The name of the permission when it is returned by the ListSecurityProfilePermissions API.
-
Use: The functionality granted by the permission.
Routing
UI name | API name | Use |
---|---|---|
Routing profiles - Create |
RoutingPolicies.Create |
|
Routing profiles - Edit |
RoutingPolicies.Edit |
Edit routing profiles. |
Routing profiles - View |
RoutingPolicies.View |
View routing profiles. |
Quick connects - Create |
TransferDestinations.Create |
|
Quick connects - Delete |
TransferDestinations.Delete |
|
Quick connects - Edit |
TransferDestinations.Edit |
Edit quick connects. |
Quick connects - View |
TransferDestinations.View |
View quick connects. Agents need this permission so they can view quick connects in the agent application to transfer calls. |
Hours of operation - Create |
HoursOfOperation.Create |
|
HoursOfOperation - Delete |
HoursOfOperation.Delete |
Delete hours of operation and timezone for a queue. |
HoursOfOperation - Edit |
HoursOfOperation.Edit |
Edit hours of operation and timezone for a queue. |
HoursOfOperation - View |
HoursOfOperation.View |
View hours of operation and timezone for a queue. |
Queues - Create |
Queues.Create |
|
Queues - Edit |
Queues.Edit |
Edit information for a queue, such as name, description, and hours of operation. |
Queues - Enable / Disable |
Queues.EnableAndDisable |
Enable and disable queues to quickly control the flow of contacts to queues temporarily. |
Queues - View |
Queues.View |
View a list of queues in your Amazon Connect instance. |
Task templates - Create |
TaskTemplates.Create |
|
Task templates - Delete |
TaskTemplates.Delete |
Delete task templates. |
Task templates - Edit |
TaskTemplates.Edit |
Edit task templates. |
Task templates - View |
TaskTemplates.View |
View task templates. |
Channels and flows
UI name | API name | Use |
---|---|---|
Prompts - Create |
Prompts.Create |
|
Prompts - Delete |
Prompts.Delete |
Delete prompts. |
Prompts - Edit |
Prompts.Edit |
Edit prompts. |
Prompts - View |
Prompts.View |
View a list of available prompts. |
ContactFlows - Create |
ContactFlows.Create |
|
ContactFlows - Delete |
ContactFlows.Delete |
|
ContactFlows - Edit |
ContactFlows.Edit |
Edit flows. |
ContactFlows - Publish |
ContactFlows.Publish |
Publish flows. |
ContactFlows - View |
ContactFlows.View |
View flows. |
Flow modules - Create |
ContactFlowModules.Create |
|
Flow modules - Delete |
ContactFlowModules.Delete |
Delete flow modules. |
Flow modules - Edit |
ContactFlowModules.Edit |
Edit flow modules. |
Flow modules - Publish |
ContactFlowModules.Publish |
Publish flow modules. |
Flow modules - View |
ContactFlowModules.View |
View flow modules. |
Phone numbers - Claim |
PhoneNumbers.Claim |
|
Phone numbers - Edit |
PhoneNumbers.Edit |
Edit phone numbers. Attach a claimed or ported phone number to a flow in Amazon Connect. |
Phone numbers - Release |
PhoneNumbers.Release |
|
Phone numbers - View |
PhoneNumbers.View |
View a list of phone numbers that have been claimed or ported to your Amazon Connect instance. |
Communication widget - Enable/Disable |
ChatTestMode |
Access a simulated web page so users can test the chat experience. Also grant users the Contactflow.View permission so they can view and choose from a list of available flows in the Test settings option. |
Views |
Views.View |
Allow access to Views |
Users and permissions
UI name | API name | Use |
---|---|---|
Users - Create |
Users.Create |
Add users to Amazon Connect. We recommend you limit who has these permissions. They pose a risk to your contact center because they can do the following:
Doing these things would enable someone to lock out those who need to access Amazon Connect, and allow in others who can steal customer data and damage your business. |
Users - Delete |
Users.Delete |
|
Users - Edit |
Users.Edit |
View and edit all user identity information except for security profiles. As with Users - Create, limit who has these permissions because they pose a risk to your contact center. |
Users - Edit permission |
Users.EditPermission |
View and edit user security profiles. As with Users - Create, limit who has these permissions because they pose a risk to your contact center. |
Users - View |
Users.View |
View user records. |
Agent hierarchy - Create |
AgentGrouping.Create |
Create agent hierarchies. Add groups, teams, and agents. |
Agent hierarchy - Edit |
AgentGrouping.Edit |
Edit agent hierarchies. |
Agent hierarchy - Enable/Disable |
AgentGrouping.EnableAndDisable |
View or edit agent hierarchy information. |
Agent hierarchy - View |
AgentGrouping.View |
View the agent's hierarchy information in a real-time metrics report, which can include their location and skill set data. |
Security profiles - Create |
SecurityProfiles.Create |
|
Security profiles - Delete |
SecurityProfiles.Delete |
Delete security profiles. |
Security profiles - Edit |
SecurityProfiles.Edit |
|
Security profiles - View |
SecurityProfiles.View |
View security profiles. |
Agent status - Create |
AgentStates.Create |
Create an custom agent status. The status appears in the Contact Control Panel (CCP), such as Break, Lunch, or Training. |
Agent status - Edit |
AgentStates.Edit |
Edit a custom agent status. |
Agent status - Enable/Disable |
AgentStates.EnableAndDisable |
View and edit custom agent states. |
Agent status - View |
AgentStates.View |
View an agent's status in the real-time metrics report and historical metrics report. For example, if they are Available, Offline, or in a custom state. View their status in the Agent activity report. |
Contact Control Panel (CCP)
UI name | API name | Use |
---|---|---|
Access Contact Control Panel |
BasicAgentAccess |
Manages access to the Contact Control Panel (CCP). Assign this permission to agents as well as managers who need to monitor live conversations. |
Contact Lens data |
RealtimeContactLens.View |
Enables users to view real-time analytics provided by Contact Lens. |
Make outbound calls |
OutboundCallAccess |
Grants users permissions to make outbound calls. For more information about setting up outbound calling, see Set up outbound calling in Amazon Connect. |
Voice ID |
VoiceId.Access |
Enables controls in the Contact Control Panel so agents can:
|
Restrict task creation |
RestrictTaskCreation.Access |
Block agents from being able to create tasks. |
Audio device settings |
AudioDeviceSettings.Access |
|
Video calls |
VideoContact.Access |
Analytics and Optimization
UI name | API name | Use |
---|---|---|
Access metrics |
AccessMetrics |
|
Real-time metrics |
AccessMetrics.RealTimeMetrics.Access |
Manage access to the real-time metrics page. |
Historical metrics |
AccessMetrics.HistoricalMetrics.Access |
Manage access to the historical metrics page. |
Agent activity audit |
AccessMetrics.AgentActivityAudit.Access |
Manage access to the agent activity audit within the historical metrics page. |
Dashboards |
AccessMetrics.Dashboards.Access |
Dashboards in Amazon Connect for getting contact center performance data |
Contact Search |
ContactSearch.View |
Access the Contact search page, which is where users can search for contacts and see results on the Contact details page. |
View My Contacts |
MyContacts.View |
Allows agents to view contacts that they themselves had handled, on Contact search and Contact details pages. |
Search contacts by conversation characteristics |
ContactSearchWithCharacteristics.Access |
Access to the Contact Lens filters that enable users to search by sentiment scores, non-talk time, and category. |
Search contacts by conversation characteristics - View |
ContactSearchWithCharacteristics.View |
View the Contact Lens filters that enable users to search by sentiment scores, non-talk time, and category. |
Search contacts by keywords |
ContactSearchWithKeywords.Access |
Search for contacts by keyword. On the Contact Search page, users can access additional filters that allow them to search Contact Lens transcripts by keywords or phrases, such as "thank you for your business." |
Search contacts by keywords - View |
ContactSearchWithKeywords.View |
Search for contacts by keyword. On the Contact Search page, users can access additional filters that allow them to search Contact Lens transcripts by keywords or phrases, such as "thank you for your business." |
Configure searchable contact attributes - View |
ConfigureContactAttributes.View |
Determine what custom attribute data will be searchable (by people who have the Contact attributes permission). It allows them to access the Searchable custom contact attributes page. For more information, see Search for contacts in Amazon Connect by using custom contact attributes. |
Restrict contact access |
RestrictContactAccessByHierarchy.View |
Manage a user's access to results on the Contact search page based on their agent hierarchy group. For more information, see Manage who can search for contacts and access detailed information. |
Contact attributes |
ContactAttributes.View |
View contact attributes. Also controls access to the search filters based on contact attributes. For more information, see Search for contacts in Amazon Connect by using custom contact attributes. |
Contact Lens - conversational analytics - View |
GraphTrends.View |
On the Contact details page for a contact, users can view conversational analytics outputs such as graphs (on sentiment, talk time, and other various outputs), sentiment indicators, and contact category labels on conversation recordings and transcripts. Users can view data on the Amazon Connect Contact Lens conversational analytics dashboard. |
Contact Lens - custom vocabularies - Edit |
ContactLensCustomVocabulary.Edit |
|
Contact Lens - custom vocabularies - View |
ContactLensCustomVocabulary.View |
|
Contact Lens - post-contact summary |
ContactLensPostContactSummary.View |
View post-contact summarization powered by generative artificial intelligence (generative AI) on the Contact Search and Contact Details pages. |
Contact Lens - theme detection - Create |
ThemeDetection.Create |
|
Contact Lens - theme detection - View |
ThemeDetection.View |
View theme detection reports on the Contact search page. |
Contact Lens - theme detection - Delete |
ThemeDetection.Delete |
Delete theme detection reports on the Contact search page. |
Rules - Create |
Rules.Create |
|
Rules - Delete |
Rules.Delete |
Delete rules. |
Rules - Edit |
Rules.Edit |
Edit rules. |
Rules - View |
Rules.View |
View rules. |
Recorded conversations (redacted) |
RedactedData.View |
On the Contact details and Contact search pages for a contact, listen to call recording files and view call transcripts in which the sensitive data has been removed. |
Recorded conversations (unredacted) - View |
ListenCallRecordings |
On the Contact details and Contact search pages for a contact, view unredacted content that contains sensitive data, such as name and credit card information.
ImportantIf you have permissions to both Recorded conversations (redacted) and Recorded conversations (unredacted), note the following behavior:
To access unredacted conversations, remove permissions to Recorded conversations (redacted). This leaves the user with only Recorded conversations (unredacted) permissions. You cannot access both the redacted and unredacted version of a conversation at the same time. |
Recorded conversations (unredacted) - Access |
ListenCallRecordings |
View the Play icon so they can listen to call recordings by using the Amazon Connect admin website. |
Recorded conversations (unredacted) - Enable download button |
DownloadCallRecordings |
Enables buttons to download and delete call recordings. By default, the Enable download button permission is granted so the user can Download call recordings through the Amazon Connect admin website. To perform a download, however, the user needs permissions to access a Recorded conversation (unredacted). |
Recorded conversations (unredacted) - Delete |
DeleteCallRecordings |
Delete call recordings. By default, the Enable download button permission is granted too so the user can delete recordings through the Amazon Connect admin website. |
Login/Logout report - View |
AgentTimeCard.View |
|
Real-time contact barge-in - Enable/Disable |
ManagerBargeIn |
Enables supervisors and managers to barge into live conversations between agents and customers. To learn more about Barge for live conversations, see Barge into live voice and chat conversations between contact center agents and customers. |
Real-time contact monitoring- Enable/Disable |
ManagerListenIn |
Monitor live conversations and listen to recordings of past conversations. Be sure to assign managers to the Agent security profile so they can access the Contact Control Panel (CCP). This enables them to monitor the conversation through the CCP. |
Saved reports (admin) |
ReportsAdmin.View ReportsAdmin.Delete |
View and delete all saved reports in your instance, including those not created by you. |
Saved reports - View |
MetricsReports.View |
|
Saved reports - Create |
MetricsReports.Create MetricsReports.Share |
|
Saved reports - Edit |
MetricsReports.Edit |
Edit save reports. |
Saved reports - Delete |
MetricsReports.Delete |
Delete saved reports. |
Saved reports - Publish |
MetricsReports.Publish |
|
Saved reports - Schedule |
MetricsReports.Schedule MetricsReports.Publish ReportSchedules.Create ReportSchedules.Delete ReportSchedules.Edit ReportSchedules.View |
Schedule a saved report. By default, the user gets permission to create, delete, edit, and view a saved report. |
Evaluation forms - perform evaluations |
Evaluation.Create Evaluation.View Evaluation.Edit Evaluation.Delete |
|
Evaluation forms - manage form definitions |
EvaluationForms.Create EvaluationForms.View EvaluationForms.Edit EvaluationForms.Delete |
|
Evaluation forms - ask AI assistant |
EvaluationAssistant.Access |
Access the Ask AI button while performing evaluations, enabling the user to get generative AI-powered recommendations for answers to questions in evaluation forms. |
Voice ID - attributes and search |
VoiceIdAttributesAndSearch.View |
Search for and view Voice ID results on the Contact detail page. |
Voice ID - attributes and search |
VoiceIdAttributesAndSearch.View |
Search for and view Voice ID results on the Contact detail page. |
Forecasting - View |
Forecasting.View |
|
Forecasting - Edit |
Forecasting.Edit |
Create and edit contact volume and average handle time forecasts. |
Forecasting - Publish |
Forecasting.Publish |
|
Forecast and schedule interval - Edit and View |
ForecastScheduleInterval.Edit ForecastScheduleInterval.View |
|
Capacity planning - View |
Capacity.View |
|
Capacity planning - Edit |
Capacity.Edit |
|
Capacity planning - Publish |
Capacity.Publish |
|
Screen recording - Access |
ScreenRecording.Access |
Access the screen recording media player and view videos on the Contact details page. ImportantScreen recording merges the screen recording video with the unredacted call recording file. If users have permission to view screen recordings, they can listen to the unredacted audio. |
Screen recording - Enable download button |
ScreenRecording.Download |
Enables the button to download screen recordings on the Contact details page. By default, the Enable download button permission is granted so the user can download screen recordings through the Amazon Connect admin website. To perform a download, the user also needs Screen recording - Access permissions. |
Contact Actions
UI name | API name | Use |
---|---|---|
Transfer Contact |
TransferContact.Enabled |
Transfer contacts on Analytics and optimization pages. Currently transfer of task contacts to quick connects is supported on the Contact details page. |
End contact |
StopContact.Enabled |
End contacts on Analytics and optimization pages. Currently supported on the Contact details page. |
Reschedule contact |
UpdateContactSchedule.Enabled |
Reschedule previously scheduled contact on Analytics and optimization pages. Currently supported on the Contact details page for task contacts only. |
Historical changes
UI name | API name | Use |
---|---|---|
View historical changes |
HistoricalChanges.View |
View historical changes on all Amazon Connect admin website pages that support historical changes. |
Customer Profiles
UI name | API name | Use |
---|---|---|
Customer profiles - Create |
CustomerProfiles.Create |
|
Customer profiles - Edit |
CustomerProfiles.Edit |
Edit customer profiles in the agent application. |
Customer profiles - View |
CustomerProfiles.View |
View customer profiles in the agent application. |
Customer profiles Calculated Attributes - Create |
CustomerProfiles.CalculatedAttributes.Create |
Create calculated attributes. |
Customer profiles Calculated Attributes - Edit |
CustomerProfiles.CalculatedAttributes.Edit |
Edit calculated attributes. |
Customer profiles Calculated Attributes - Delete |
CustomerProfiles.CalculatedAttributes.Delete |
Delete calculated attributes. |
Customer profiles Calculated Attributes - View |
CustomerProfiles.CalculatedAttributes.View |
View calculated attributes. |
Scheduling
UI name | API name | Use |
---|---|---|
Schedule manager - View |
Scheduling.View |
View generated staff schedules in the Schedule manager user experience. |
Schedule manager - Edit |
Scheduling.Edit |
Create, edit schedule configuration and publish generated staff schedules. |
Schedule manager - Publish |
Scheduling.Publish |
Publish a schedule by using Schedule Manager. |
Published schedule calendar |
Scheduling.View |
View a schedule. |
Time off requests - Approve, Edit, View |
TimeOff.Approve TimeOff.Edit TimeOff.View |
|
Time off balance - Edit, View |
TimeOffBalance.Edit TimeOffBalance.View |
|
Team calendar |
TeamCalendar.View |
View published staff schedules in the Published Calendar user experience. |
Team calendar |
TeamCalendar.Edit |
Edit published staff schedules in the Published Calendar user experience. |
Agent Applications
UI name | API name | Use |
---|---|---|
Agent application schedule calendar |
StaffCalendar.View StaffCalendar.Edit |
Ability for agents to view their schedules. The Edit permission is required for agents to view and use the Time off widget on their schedule that they use to request time off. If they only have View permission, the Time off widget will not appear on their schedule. For an example image that shows the Time off widget on an agent's schedule, see Agent initiated time off request. |
Custom views |
CustomViews.Access |
Use the Agent Workspace guided experience guide. |
Amazon Q in Connect |
Wisdom.View |
|
|
|
Allows agents to access a third-party application. |
Content Management - Quick responses - Create |
ContentManagement.Create |
Set up a knowledge base to store quick responses. Create, import, and view the import history of quick responses that are displayed in the agent application. |
Content Management - Quick responses - Edit |
ContentManagement.Edit |
Edit, import, and view the import history of quick responses that are displayed in the agent application. |
Content Management - Quick responses - View |
ContentManagement.View |
View a list of quick responses in the Amazon Connect admin website. |
Content Management - Quick responses - Delete |
ContentManagement.Delete |
Delete quick responses by using the Amazon Connect admin website. |
Cases
UI name | API name | Use |
---|---|---|
Audit History - View |
CaseHistory.View |
View the audit history of cases in the agent application. |
Cases - Create |
Cases.Create |
|
Cases - View |
Cases.View |
View cases in the agent application. |
Cases - Edit |
Cases.Edit |
Edit cases in the agent application. |
Case Fields - Create |
CaseFields.Create |
|
Case Fields - View |
CaseFields.View |
View case fields. |
Case Fields - Edit |
CaseFields.Edit |
Edit case fields. |
Case Templates - Create |
CaseTemplates.Create |
|
Case Templates - View |
CaseTemplates.View |
View case templates. |
Case Templates - Edit |
CaseTemplates.Edit |
Edit case templates. |
Campaigns
UI name | API name | Use |
---|---|---|
Campaigns - Create |
Campaigns.Create |
|
Campaigns - Delete |
Campaigns.Delete |
Delete outbound campaigns. |
Campaigns - Edit |
Campaigns.Edit |
Edit outbound campaigns. |
Campaigns - Manage |
Campaigns.Delete |
Manage outbound campaigns. |
Campaigns - View |
|
View outbound campaigns. |