Posted On: Oct 19, 2018

Today, Amazon Connect is introducing support for using AWS Identity and Access Management (IAM) service-linked roles, a new type of IAM role that allows you to easily delegate permissions to AWS services.

These service-linked roles are predefined by Amazon Connect and include all the permissions that the service requires to use other AWS services on your behalf. Examples include the permissions that Amazon Connect requires to use Amazon S3 for call recordings, Amazon Kinesis for streaming data, or Amazon Lex to invoke a chatbot.

Unlike a normal IAM role, you cannot delete the service-linked role if it is still in use by an Amazon Connect instance. This protects you from inadvertently revoking Amazon Connect's required permissions to your resources. The addition of service-linked roles to Amazon Connect also helps with monitoring and auditing requirements in AWS CloudTrail by logging actions performed by Amazon Connect against the respective service-linked role.

Service-linked roles are available in all AWS regions where Amazon Connect is offered. There is no charge in addition to standard pricing for service usage and associated telephony rates. To learn more about Amazon Connect, the AWS service for self-service contact centers in the cloud, please visit the Amazon Connect website.