List of security profile permissions
The security profile permissions in Amazon Connect allow users access to perform specific tasks in Amazon Connect.
The following tables list:
-
UI name: The name of the permission as it appears on the Security profiles page in Amazon Connect.
-
API name: The name of the permission when it is returned by the ListSecurityProfilePermissions API.
-
Use: The functionality granted by the permission.
Routing
UI name | API name | Use |
---|---|---|
Routing profiles - Create |
RoutingPolicies.Create |
|
Routing profiles - Edit |
RoutingPolicies.Edit |
Edit routing profiles. |
Routing profiles - View |
RoutingPolicies.View |
View routing profiles. |
Quick connects - Create |
TransferDestinations.Create |
|
Quick connects - Delete |
TransferDestinations.Delete |
|
Quick connects - Edit |
TransferDestinations.Edit |
Edit quick connects. |
Quick connects - View |
TransferDestinations.View |
View quick connects. Agents need this permission so they can view quick connects in the agent application to transfer calls. |
Hours of operation - Create |
HoursOfOperation.Create |
|
HoursOfOperation - Delete |
HoursOfOperation.Delete |
Delete hours of operation and timezone for a queue. |
HoursOfOperation - Edit |
HoursOfOperation.Edit |
Edit hours of operation and timezone for a queue. |
HoursOfOperation - View |
HoursOfOperation.View |
View hours of operation and timezone for a queue. |
Queues - Create |
Queues.Create |
|
Queues - Edit |
Queues.Edit |
Edit information for a queue, such as name, description, and hours of operation. |
Queues - Enable / Disable |
Queues.EnableAndDisable |
Enable and disable queues to quickly control the flow of contacts to queues temporarily. |
Queues - View |
Queues.View |
View a list of queues in your Amazon Connect instance. |
Task templates - Create |
TaskTemplates.Create |
|
Task templates - Delete |
TaskTemplates.Delete |
Delete task templates. |
Task templates - Edit |
TaskTemplates.Edit |
Edit task templates. |
Task templates - View |
Task templates.View |
View task templates. |
Numbers and flows
UI name | API name | Use |
---|---|---|
Prompts - Create |
Prompts.Create |
|
Prompts - Delete |
Prompts.Delete |
Delete prompts. |
Prompts - Edit |
Prompts.Edit |
Edit prompts. |
Prompts - View |
Prompts.View |
View a list of available prompts. |
ContactFlows - Create |
ContactFlows.Create |
|
ContactFlows - Delete |
ContactFlows.Delete |
|
ContactFlows - Edit |
ContactFlows.Edit |
Edit flows. |
ContactFlows - Publish |
ContactFlows.Publish |
Publish flows. |
ContactFlows - View |
ContactFlows.View |
View flows. |
Contact flow modules - Create |
ContactFlowModules.Create |
|
Contact flow modules - Delete |
ContactFlowModules.Delete |
Delete flow modules. |
Contact flow modules - Edit |
ContactFlowModules.Edit |
Edit flow modules. |
Contact flow modules - Publish |
ContactFlowModules.Publish |
Publish flow modules. |
Contact flow modules - View |
ContactFlowModules.View |
View flow modules. |
Phone numbers - Claim |
PhoneNumbers.Claim |
|
Phone numbers - Edit |
PhoneNumbers.Edit |
Edit phone numbers. Attach a claimed or ported phone number to a flow. |
Phone numbers - Release |
PhoneNumbers.Release |
|
Phone numbers - View |
PhoneNumbers.View |
View a list of phone numbers that have been claimed or ported to your Amazon Connect instance. |
Chat test mode - Enable/Disable |
ChatTestMode |
Access a simulated web page so users can test the chat experience. Also grants them the permission to view a list of flows, which is exposed through the Test settings option. |
Users and permissions
UI name | API name | Use |
---|---|---|
Users - Create |
Users.Create |
Add users to Amazon Connect. We recommend you limit who has these permissions. They pose a risk to your contact center because they can do the following:
Doing these things would enable someone to lock out those who need to access Amazon Connect, and allow in others who can steal customer data and damage your business. |
Users - Delete |
Users.Delete |
|
Users - Edit |
Users.Edit |
View and edit user records. As with Users - Create, limit who has these permissions because they pose a risk to your contact center. |
Users - Edit permission |
Users.EditPermission |
View and edit user records. As with Users - Create, limit who has these permissions because they pose a risk to your contact center. |
Users - View |
Users.View |
View user records. |
Agent hierarchy - Create |
AgentGrouping.Create |
Create agent hierarchies. Add groups, teams, and agents. |
Agent hierarchy - Edit |
AgentGrouping.Edit |
Edit agent hierarchies. |
Agent hierarchy - Enable/Disable |
AgentGrouping.EnableAndDisable |
View or edit agent hierarchy information. |
Agent hierarchy - View |
AgentGrouping.View |
View the agent's hierarchy information in a real-time metrics report, which can include their location and skill set data. |
Security profiles - Create |
SecurityProfiles.Create |
|
Security profiles - Delete |
SecurityProfiles.Delete |
Delete security profiles. |
Security profiles - Edit |
SecurityProfiles.Edit |
|
Security profiles - View |
SecurityProfiles.View |
View security profiles. |
Agent status - Create |
AgentStates.Create |
Create an custom agent status. The status appears in the Contact Control Panel (CCP), such as Break, Lunch, or Training. |
Agent status - Edit |
AgentStates.Edit |
Edit a custom agent status. |
Agent status - Enable/Disable |
AgentStates.EnableAndDisable |
View and edit custom agent states. |
Agent status - View |
AgentStates.View |
View an agent's status in the real-time metrics report and historical metrics report. For example, if they are Available, Offline, or in a custom state. View their status in the Agent activity report. |
Contact Control Panel (CCP)
UI name | API name | Use |
---|---|---|
Access Contact Control Panel |
BasicAgentAccess |
Manages access to the Contact Control Panel (CCP). Assign this permission to agents as well as managers who need to monitor live conversations. |
Contact Lens data |
RealtimeContactLens.View |
Enables users to view real-time analytics provided by Contact Lens. |
Make outbound calls |
OutboundCallAccess |
Grants users permissions to make outbound calls. For more information about setting up outbound calling, see Set up outbound communications. |
Voice ID |
VoiceId.Access |
Enables controls in the Contact Control Panel so agents can:
|
Restrict task creation |
RestrictTaskCreation.Access |
Block agents from being able to create tasks. |
Analytics
UI name | API name | Use |
---|---|---|
Access metrics |
AccessMetrics |
|
Real-time metrics |
RealTimeMetrics.Access |
Manage access to the real-time metrics page. |
Historical metrics |
HistoricalMetrics.Access |
Manage access to the historical metrics page. |
Agent activity audit |
AgentActivityAudit.Access |
Manage access to the agent activity audit within the historical metrics page. |
Contact Search |
ContactSearch.View |
Access the Contact search page, which is where users can search for contacts and see results on the Contact details page. |
Search contacts by conversation characteristics |
ContactSearchWithCharacteristics.Access |
Access to the Contact Lens filters that enable users to search by sentiment scores, non-talk time, and category. |
Search contacts by conversation characteristics - View |
ContactSearchWithCharacteristics.View |
View the Contact Lens filters that enable users to search by sentiment scores, non-talk time, and category. |
Search contacts by keywords |
ContactSearchWithKeywords.Access |
Search for contacts by keyword. On the Contact Search page, users can access additional filters that allow them to search Contact Lens transcripts by keywords or phrases, such as "thank you for your business." |
Search contacts by keywords - View |
ContactSearchWithKeywords.View |
Search for contacts by keyword. On the Contact Search page, users can access additional filters that allow them to search Contact Lens transcripts by keywords or phrases, such as "thank you for your business." |
Configure searchable contact attributes - View |
ConfigureContactAttributes.View |
Determine what custom attribute data will be searchable (by people who have the Contact attributes permission). It allows them to access the Searchable custom contact attributes page. For more information, see Search by custom contact attributes. |
Restrict contact access |
ContactRecording.Access |
If your organization isn't using Contact Lens for Amazon Connect, use this permission to manage who can listen to recordings, access the corresponding URLs that are generated in S3, and delete recordings. For more information, see Assign permissions to review recordings of past conversations. Checking this box limits a user's access to contacts based on their agent hierarchy. The user will only have access to contacts handled by agent within their own hierarchy. |
Restrict contact access |
RestrictContactAccessByHierarchy.View |
Manage a user's access to results on the Contact search page based on their agent hierarchy group. For more information, see Manage who can search for contacts and access detailed information. |
Contact attributes |
ContactAttributes.View |
View contact attributes. Also controls access to the search filters based on contact attributes. For more information, see Search by custom contact attributes. |
Contact Lens speech analytics - View |
GraphTrends.View |
On the Contact Details page for a contact, users can view graphs that summarize speech analytics, such as customer sentiment trend, sentiment, and talk time. |
Contact Lens - custom vocabularies - Edit |
ContactLensCustomVocabulary.Edit |
|
Contact Lens - custom vocabularies - View |
ContactLensCustomVocabulary.View |
|
Rules - Create |
Rules.Create |
|
Rules - Delete |
Rules.Delete |
Delete rules. |
Rules - Edit |
Rules.Edit |
Edit rules. |
Rules - View |
Rules.View |
View rules. |
Recorded conversations (redacted) |
RedactedData.View |
On the Contact details and Contact search pages for a contact, listen to call recording files and view call transcripts in which the sensitive data has been removed. |
Recorded conversations (unredacted) - View |
ListenCallRecordings |
On the Contact details and Contact search pages for a contact, view unredacted content that contains sensitive data, such as name and credit card information.
If you have permissions to both Recorded conversations (redacted) and Recorded conversations (unredacted), note the following behavior:
To access unredacted conversations, remove permissions to Recorded conversations (redacted). This leaves the user with only Recorded conversations (unredacted) permissions. You cannot access both the redacted and unredacted version of a conversation at the same time. |
Recorded conversations (unredacted) - Access |
ListenCallRecordings |
View the Play icon so they can listen to call recordings by using the Amazon Connect user interface. |
Recorded conversations (unredacted) - Enable download button |
DownloadCallRecordings |
Download call recordings. By default, the Enable download button permission is granted too so the user can download recordings through the user interface. |
Recorded conversations (unredacted) - Delete |
DeleteCallRecordings |
Delete call recordings. By default, the Enable download button permission is granted too so the user can delete recordings through the user interface. |
Login/Logout report - View |
AgentTimeCard.View |
|
Manager monitor - Enable/Disable |
ManagerListenIn |
Monitor live conversations and listen to recordings of past conversations. Be sure to assign managers to the Agent security profile so they can access the Contact Control Panel (CCP). This enables them to monitor the conversation through the CCP. |
Saved reports - View |
MetricsReports.View |
|
Saved reports - Create |
MetricsReports.Create MetricsReports.Share |
|
Saved reports - Edit |
MetricsReports.Edit |
Edit save reports. |
Saved reports - Delete |
MetricsReports.Delete |
Delete saved reports. |
Saved reports - Publish |
MetricsReports.Publish |
|
Saved reports - Schedule |
MetricsReports.Schedule MetricsReports.Publish ReportSchedules.Create ReportSchedules.Delete ReportSchedules.Edit ReportSchedules.View |
Schedule a saved report. By default, the user gets permission to create, delete, edit, and view a saved report. |
Evaluation forms - perform evaluations |
Evaluation.Create Evaluation.View Evaluation.Edit Evaluation.Delete |
|
Evaluation forms - manage form definitions |
EvaluationForms.Create EvaluationForms.View EvaluationForms.Edit EvaluationForms.Delete |
|
Voice ID - attributes and search |
VoiceIdAttributesAndSearch.View |
Search for and view Voice ID results on the Contact detail page. |
Historical changes
UI name | API name | Use |
---|---|---|
View historical changes |
HistoricalChanges.View |
On the User management page, view historical changes to user records. |
Customer Profiles
UI name | API name | Use |
---|---|---|
Customer profiles - Create |
CustomerProfiles.Create |
|
Customer profiles - Edit |
CustomerProfiles.Edit |
Edit customer profiles in the agent application. |
Customer profiles - View |
CustomerProfiles.View |
Edit customer profiles in the agent application. |
Agent Applications
UI name | API name | Use |
---|---|---|
Wisdom - View |
Wisdom.View |
Cases
UI name | API name | Use |
---|---|---|
Cases - Create |
Cases.Create |
|
Cases - View |
Cases.View |
View cases in the agent application. |
Cases - Edit |
Cases.Edit |
Edit cases in the agent application. |
Case Fields - Create |
CaseFields.Create |
|
Case Fields - View |
CaseFields.View |
View case fields. |
Case Fields - Edit |
CaseFields.Edit |
Edit case fields. |
Case Templates - Create |
CaseTemplates.Create |
|
Case Templates - View |
CaseTemplates.View |
View case templates. |
Case Templates - Edit |
CaseTemplates.Edit |
Edit case templates. |
Campaigns
UI name | API name | Use |
---|---|---|
Campaigns - Create |
Campaigns.Create |
|
Campaigns - Delete |
Campaigns.Delete |
Delete outbound campaigns. |
Campaigns - Edit |
Campaigns.Edit |
Edit outbound campaigns. |
Campaigns - Manage |
Campaigns.Delete |
Manage outbound campaigns. |
Campaigns - View |
|
View outbound campaigns. |