Supported features Prerequisites Connection instructions Learn more

Box

Box is a cloud storage service that offers file hosting capabilities. You can use Amazon Kendra to index content in your Box content, including comments, tasks, and web links.

You can connect Amazon Kendra to your Box data source using the Amazon Kendra console and the BoxConfiguration API.

For troubleshooting your Amazon Kendra Box data source connector, see Troubleshooting data sources.

Supported features

Amazon Kendra Box data source connector supports the following features:

Change log
Field mappings
User context filtering
Inclusion/exclusion filters
Virtual private cloud (VPC)

Prerequisites

Before you can use Amazon Kendra to index your Box data source, make these changes in your Box and AWS accounts.

In Box, make sure you have:

A Box Enterprise or Box Enterprise Plus account.
Created a Box custom app in the Box Developer Console and configured it to use Server Authentication (with JWT).
Set your App Access Level to App + Enterprise Access and allowed it to Make API calls using the as-user header.
Used the admin user to add the following Application Scopes in your Box app:
- Write all files and folders stored in a Box
- Manage users
- Manage groups
- Manage enterprise properties
Generated and downloaded Public/Private key pair including a client ID, a client secret, a public key ID, private key ID, a pass phrase, and an enterprise ID to use as authentication credentials. See Public and private keypair for more details.
Copied your Box enterprise ID either from your Box Developer Console settings or from your Box app. For example, 801234567.
Checked each document is unique in Box and across other data sources you plan to use for the same index. Each data source that you want to use for an index must not contain the same document across the data sources. Document IDs are global to an index and must be unique per index.

In your AWS account, make sure you have:

Created an Amazon Kendra index and, if using the API, noted the index ID.
Created an IAM role for your data source and, if using the API, noted the ARN of the IAM role.

Note
If you change your authentication type and credentials, you must update your IAM role to access the correct AWS Secrets Manager secret ID.
Stored your Box authentication credentials in an AWS Secrets Manager secret and, if using the API, noted the ARN of the secret.

Note
We recommend that you regularly refresh or rotate your credentials and secret. Provide only the necessary access level for your own security. We do not recommend that you re-use credentials and secrets across data sources, and connector versions 1.0 and 2.0 (where applicable).

If you don’t have an existing IAM role or secret, you can use the console to create a new IAM role and Secrets Manager secret when you connect your Box data source to Amazon Kendra. If you are using the API, you must provide the ARN of an existing IAM role and Secrets Manager secret, and an index ID.

Connection instructions

To connect Amazon Kendra to your Box data source, you must provide the necessary details of your Box data source so that Amazon Kendra can access your data. If you have not yet configured Box for Amazon Kendra, see Prerequisites.

Console

To connect Amazon Kendra to Box

Sign in to the AWS Management Console and open the Amazon Kendra console.
From the left navigation pane, choose Indexes and then choose the index you want to use from the list of indexes.

Note
You can choose to configure or edit your User access control settings under Index settings.
On the Getting started page, choose Add data source.
On the Add data source page, choose Box connector, and then choose Add connector.
On the Specify data source details page, enter the following information:
1. In Name and description, for Data source name—Enter a name for your data source. You can include hyphens but not spaces.
2. (Optional) Description—Enter an optional description for your data source.
3. In Default language—Choose a language to filter your documents for the index. Unless you specify otherwise, the language defaults to English. Language specified in the document metadata overrides the selected language.
4. In Tags, for Add new tag—Include optional tags to search and filter your resources or track your AWS costs.
5. Choose Next.
On the Define access and security page, enter the following information:
1. Box enterprise ID—Enter your Box Enterprise ID.
2. AWS Secrets Manager secret—Choose an existing secret or create a new Secrets Manager secret to store your Box authentication credentials. If you choose to create a new secret an AWS Secrets Manager secret window opens.
  1. Secret name—A name for your secret. The prefix ‘AmazonKendra-Box-’ is automatically added to your secret name.
  2. For Client ID, Client Secret, Public Key ID, Private Key ID, and Pass Phrase—Enter the values from the Public/Private Key you generated in your Box account and downloaded from your Box account.
  3. Choose Save.
3. Virtual Private Cloud (VPC)—You can choose to use a VPC. If so, you must add Subnets and VPC security groups.
4. IAM role—Choose an existing IAM role or create a new IAM role to access your repository credentials and index content.
  
  Note
  IAM roles used for indexes cannot be used for data sources. If you are unsure if an existing role is used for an index or FAQ, choose Create a new role to avoid errors.
5. Choose Next.
On the Configure sync settings page, enter the following information:
1. Select entities or content types—The Box entities or content types you want to crawl. Each comment is indexed as a separate document.
2. Change log—Select to update your index only for new or modified content instead of syncing all your files.
3. Regex patterns—Regular expression patterns to include or exclude certain files. You can add up to 100 patterns.
4. In Sync run schedule, for Frequency—Choose how often Amazon Kendra will sync with your data source.
5. Choose Next.
On the Set field mappings page, enter the following information:
1. For Files and folders, Comments, Tasks, and Web Links—Select from the Amazon Kendra generated default data source fields you want to map to your index.
2. Add field—To add custom data source fields to create an index field name to map to and the field data type.
3. Choose Next.
On the Review and create page, check that the information you have entered is correct and then select Add data source. You can also choose to edit your information from this page. Your data source will appear on the Data sources page after the data source has been added successfully.

API

To connect Amazon Kendra to Box

You must specify the following using the BoxConfiguration API:

Box enterprise ID—Provide your Box Enterprise ID. You can find the enterprise ID in the Box Developer Console settings or when you create an app in Box.

Secret Amazon Resource Name (ARN)—Provide the Amazon Resource Name (ARN) of an Secrets Manager secret that contains the authentication credentials for your Box account. The secret is stored in a JSON structure with the following keys:
```
{
    "clientID": "client-id",
    "clientSecret": "client-secret",
    "publicKeyID": "public-key-id",
    "privateKey": "private-key",
    "passphrase": "pass-phrase"
}
```
Note
We recommend that you regularly refresh or rotate your credentials and secret. Provide only the necessary access level for your own security. We do not recommend that you re-use credentials and secrets across data sources, and connector versions 1.0 and 2.0 (where applicable).
IAM role—Specify RoleArn when you call CreateDataSource to provide an IAM role with permissions to access your Secrets Manager secret and to call the required public APIs for the Box connector and Amazon Kendra. For more information, see IAM roles for Box data sources.

You can also add the following optional features:

Virtual Private Cloud (VPC)—Specify VpcConfiguration as part of the data source configuration. See Configuring Amazon Kendra to use a VPC.
Change log—Whether Amazon Kendra should use the Box data source change log mechanism to determine if a document must be updated in the index.

Note
Use the change log if you don’t want Amazon Kendra to scan all of the documents. If your change log is large, it might take Amazon Kendra less time to scan the documents in the Box data source than to process the change log. If you are syncing your Box data source with your index for the first time, all documents are scanned.
Comments, tasks, web links—Specify whether to crawl these types of content.

Note
Most data sources use regular expression patterns, which are inclusion or exclusion patterns referred to as filters. If you specify an inclusion filter, only content that matches the inclusion filter is indexed. Any document that doesn’t match the inclusion filter isn’t indexed. If you specify an inclusion and exclusion filter, documents that match the exclusion filter are not indexed, even if they match the inclusion filter.
Inclusion and exclusion filters—Specify whether to include or exclude certain Box files and folders.

Note
Most data sources use regular expression patterns, which are inclusion or exclusion patterns referred to as filters. If you specify an inclusion filter, only content that matches the inclusion filter is indexed. Any document that doesn’t match the inclusion filter isn’t indexed. If you specify an inclusion and exclusion filter, documents that match the exclusion filter are not indexed, even if they match the inclusion filter.
User context filtering and access control—Amazon Kendra crawls the access control list (ACL) for your documents, if you have an ACL for your documents. The ACL information is used to filter search results based on the user or their group access to documents. For more information, see User context filtering.
Field mappings—Choose to map your Box data source fields to your Amazon Kendra index fields. For more information, see Mapping data source fields.

Note
The document body field or the document body equivalent for your documents is required in order for Amazon Kendra to search your documents. You must map your document body field name in your data source to the index field name _document_body. All other fields are optional.

Learn more

To learn more about integrating Amazon Kendra with your Box data source, see:

Getting started with the Amazon Kendra Box connector

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Amazon WorkDocs

Confluence

Box

Topics

Supported features

Prerequisites

Note

Note

Connection instructions

Note

Note

Note

Note

Note

Note

Note

Learn more