AWS Machine Learning Blog

Announcing the updated Salesforce connector (V2) for Amazon Kendra

Amazon Kendra is a highly accurate and simple-to-use intelligent search service powered by machine learning (ML). Amazon Kendra offers a suite of data source connectors to simplify the process of ingesting and indexing your content, wherever it resides.

Valuable data in organizations is stored in both structured and unstructured repositories. An enterprise search solution should be able to pull together data across several structured and unstructured repositories to index and search on.

One such data repository is Salesforce. Salesforce is a comprehensive CRM tool for managing support, sales, and marketing teams. It’s an intelligent, proactive, AI-powered platform that empowers employees with the information they need to make the best decisions for every customer. It’s the backbone of the world’s most customer-centered organizations and helps companies put the customer at the center of everything they do.

We’re excited to announce that we have updated the Salesforce connector for Amazon Kendra to add even more capabilities. In this version (V2), we have added support for Salesforce Lightning in addition to Classic. You can now choose to crawl attachments and also bring in identity/ACL information to make your searches more granular. We now support 20 standard entities, and you can choose to index more fields.

You can import the following entities (and attachments for those marked with *):

  • Accounts*
  • Campaign*
  • Partner
  • Pricebook
  • Case*
  • Contact*
  • Contract*
  • Document
  • Group
  • Idea
  • Lead*
  • Opportunity*
  • Product
  • Profile
  • Solution*
  • Task*
  • User*
  • Chatter*
  • Knowledge Articles
  • Custom Objects*

Solution overview

With Amazon Kendra, you can configure multiple data sources to provide a central place to search across your document repository. For our solution, we demonstrate how to index a Salesforce repository or folder using the Amazon Kendra connector for Salesforce. The solution consists of the following steps:

  1. Create and configure an app on Salesforce and get the connection details.
  2. Create a Salesforce data source via the Amazon Kendra console.
  3. Index the data in the Salesforce repository.
  4. Run a sample query to get the information.
  5. Filter the query by users or groups.


To try out the Amazon Kendra connector for Salesforce, you need the following:

Configure a Salesforce app and gather connection details

Before we set up the Salesforce data source, we need a few details about your Salesforce repository. Let’s gather those in advance (refer to Authorization Through Connected Apps and OAuth 2.0 for more details).

  1. Go to and log in with your credentials.

  2. In the navigation pane, choose Setup Home.
  3. Under Apps, choose App Manager.

    This refreshes the right pane.

  4. Choose New Connected App.

  5. Select Enable OAuth Settings to expand the API (Enable OAuth Settings) section.
  6. For Callback URL, enter
  7. For Selected OAuth Scopes, choose eclair_api and choose the right arrow icon.
  8. Select Introspect All Tokens.

  9. Choose Save.A warning appears that says “Changes can take up to 10 minutes to take effect.”
  10. Choose Continue to acknowledge.
  11. On the confirmation page, choose Manage Consumer Details.

  12. Copy and save the values for Consumer Key and Consumer Secret to use later when setting up your Amazon Kendra data source.

    Next, we generate a security token.

  13. On the home page, choose the View Profile icon and choose Settings.

  14. In the navigation pane, expand My Personal Information and choose Reset My Security Token.

    The security token is sent to the email you used when configuring the app. The following screenshot shows an example email.

  15. Save the security token to use when you configure the Salesforce connector to Amazon Kendra.

Configure the Amazon Kendra connector for Salesforce

To configure the Amazon Kendra connector, complete the following steps:

  1. On the Amazon Kendra console, choose Create an Index.

  2. For Index name, enter a name for the index (for example, my-salesforce-index).
  3. Enter an optional description.
  4. Choose Create a new role.
  5. For Role name, enter an IAM role name.
  6. Configure optional encryption settings and tags.
  7. Choose Next.

  8. In the Configure user access control section, leave the settings at their defaults and choose Next.

  9. Select Developer edition and choose Create.

    This creates and propagates the IAM role and then creates the Amazon Kendra index, which can take up to 30 minutes.

  10. Return to the Amazon Kendra console and choose Data sources in the navigation pane.

  11. Scroll down and locate Salesforce Online connector V2.0, and choose Add connector.

  12. For Data source name, enter a name (for example, my-salesforce-datasourcev2).
  13. Enter an optional description.
  14. Choose Next.

  15. For Salesforce URL, enter the URL at the top of the browser when you log in to Salesforce.
  16. For Configure VPC and security group, leave the default (No VPC).
  17. Keep Identity crawler is on selected.This imports identity/ACL information into the index.
  18. For IAM role, choose Create a new role.
  19. Enter a role name, such as AmazonKendra-salesforce-datasourcev2.
  20. Choose Next.

  21. In the Authentication section, choose Create and add new secret.

  22. Enter the details you gathered while setting up the Salesforce app:
    1. Secret name – The name you gave your secret.
    2. Username – The user name you use to log in to Salesforce.
    3. Password – The password you use to log in to Salesforce.
    4. Security token – The security token you received in your email while going through the setup in Salesforce.
    5. Consumer key – The key generated while going through the setup in Salesforce.
    6. Consumer secret – The secret generated while going through the setup in Salesforce.
    7. Authentication URL – Enter
  23. Choose Save.

    The next page is prefilled with the name of the secret.

  24. Choose Next.

  25. Select All standard objects and Include all attachments.
  26. For Sync run schedule, choose Run on demand.
  27. Choose Next.

  28. Keep all the defaults in the Field Mappings section and choose Next.
  29. On the review page, choose Add data source.

  30. Choose Sync now.

This indexes all the content in Salesforce as per your configuration. You will see a success message at the top of the page and also in the sync history.

Test the solution

Now that you have ingested the content from your Salesforce account into your Amazon Kendra index, you can test some queries.

  1. Go to your index and choose Search indexed content in the navigation pane.
  2. Enter a search term and press Enter.

    One of the features of the data source is that it brings in the ACL information along with the contents of Salesforce. You can use this to narrow down your queries by users or groups.

  3. Return to the search page and expand Test query with user name or groups.Choose Apply user name or groups.

  4. For Username, enter your user name and choose Apply.

    A message appears saying Attributes applied.

  5. Enter a new test query and press Enter.

Congratulations! You have successfully used Amazon Kendra to surface answers and insights based on the content indexed from your Salesforce account.


With the Salesforce connector for Amazon Kendra, organizations can tap into the repository of information stored in their account securely using intelligent search powered by Amazon Kendra.

In this post, we introduced you to the basics, but there are many additional features that we didn’t cover. For example:

  • You can enable user-based access control for your Amazon Kendra index and restrict access to users and groups that you configure
  • You can map additional fields to Amazon Kendra index attributes and enable them for faceting, search, and display in the search results
  • You can integrate the Salesforce data source with the Custom Document Enrichment (CDE) capability in Amazon Kendra to perform additional attribute mapping logic and even custom content transformation during ingestion

To learn about these possibilities and more, refer to the Amazon Kendra Developer Guide.

About the author

Ashish Lagwankar is a Senior Enterprise Solutions Architect at AWS. His core interests include AI/ML, serverless, and container technologies. Ashish is based in the Boston, MA, area and enjoys reading, outdoors, and spending time with his family.