Series: Install and configure the Amazon Polly integration
Configure IAM role with permissions for Amazon Polly app
To access Amazon Polly, Genesys Cloud must have permission to use resources in Amazon Web Services (AWS). This procedure explains how to set up an IAM role in AWS. Assign this role to the Amazon Polly integration later, when you configure and activate the app in Genesys Cloud.
- AWS Identity and Access Management (IAM) is a web service that controls access to AWS resources. An IAM role is similar to a user, because it defines an AWS identity with permission policies that determine what the identity can do in AWS. An IAM role can be assumed by trusted identities, including applications such as Genesys Cloud, AWS services such as EC2, or a user. Each IAM role defines necessary permissions to make AWS service requests. For more information, see IAM Roles in Amazon’s AWS Identity and Access Management User Guide.
- A valid subscription is required. If you do not have a valid subscription, the integration does not activate and returns an invalid credentials error.
To configure an IAM role:
- Log in to AWS.
- Navigate to the AWS Services page.
- Select IAM.
- Under Dashboard, select Roles.
- On the Roles page, click Create role.
- Select Another AWS Account as the type of trusted entity.
- In the Account ID box, enter 765628985471 (Core/Satellite regions). This number is Genesys Cloud’s production account ID. If you need the FedRAMP region [US-East-2] account ID, please contact your Genesys representative.
- To enhance security, Genesys recommends that you check the Require External ID box and enter your Genesys Cloud organization’s ID.
- Click Next: Permissions.
- Next, assign permission policies to the role. In the search box, type Amazon Polly. Then select the AmazonPollyReadOnlyAccess policy check box. AmazonPollyReadOnly provides read-only access to Amazon Polly, allowing the role to view Amazon Polly resources.Note: This permission does not give Genesys Cloud the ability to edit Amazon Polly.
- Click Next: Tags.
- (Optional) Add metadata to the role by attaching tags as key-value pairs. For more information, see Tagging AIM Entities in the AWS Identitiy and Access Management User Guide.
- Click Next: Review.
- In the Role Name box, type a name.
- In the Role description box, enter descriptive text about the role.
- Verify that the account number for Trusted entities matches the Genesys Cloud production account ID you entered in step 7.
- Click Create Role. A message appears, indicating that the role was created successfully.
- Click the newly created role’s hyperlink. Summary details about the role appear.
- Next to the Role ARN, click the Copy icon to copy the ARN to the Clipboard. Use the ARN to complete the next task, Activate and configure the Amazon Polly integration.Note: An Amazon Resource Name (ARN) is a unique identifier that unambiguously identifies a resource.