Amazon Connect Service

2024/03/15 - Amazon Connect Service - 4 updated api methods

Changes  This release adds Hierarchy based Access Control fields to Security Profile public APIs and adds support for UserAttributeFilter to SearchUsers API.

CreateSecurityProfile (updated) Link ¶
Changes (request)
{'AllowedAccessControlHierarchyGroupId': 'string',
 'HierarchyRestrictedResources': ['string']}

Creates a security profile.

See also: AWS API Documentation

Request Syntax

client.create_security_profile(
    SecurityProfileName='string',
    Description='string',
    Permissions=[
        'string',
    ],
    InstanceId='string',
    Tags={
        'string': 'string'
    },
    AllowedAccessControlTags={
        'string': 'string'
    },
    TagRestrictedResources=[
        'string',
    ],
    Applications=[
        {
            'Namespace': 'string',
            'ApplicationPermissions': [
                'string',
            ]
        },
    ],
    HierarchyRestrictedResources=[
        'string',
    ],
    AllowedAccessControlHierarchyGroupId='string'
)
type SecurityProfileName

string

param SecurityProfileName

[REQUIRED]

The name of the security profile.

type Description

string

param Description

The description of the security profile.

type Permissions

list

param Permissions

Permissions assigned to the security profile. For a list of valid permissions, see List of security profile permissions .

  • (string) --

type InstanceId

string

param InstanceId

[REQUIRED]

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

type Tags

dict

param Tags

The tags used to organize, track, or control access for this resource. For example, { "Tags": {"key1":"value1", "key2":"value2"} }.

  • (string) --

    • (string) --

type AllowedAccessControlTags

dict

param AllowedAccessControlTags

The list of tags that a security profile uses to restrict access to resources in Amazon Connect.

  • (string) --

    • (string) --

type TagRestrictedResources

list

param TagRestrictedResources

The list of resources that a security profile applies tag restrictions to in Amazon Connect. Following are acceptable ResourceNames: User | SecurityProfile | Queue | RoutingProfile

  • (string) --

type Applications

list

param Applications

This API is in preview release for Amazon Connect and is subject to change.

A list of third-party applications that the security profile will give access to.

  • (dict) --

    This API is in preview release for Amazon Connect and is subject to change.

    A third-party application's metadata.

    • Namespace (string) --

      Namespace of the application that you want to give access to.

    • ApplicationPermissions (list) --

      The permissions that the agent is granted on the application. Only the ACCESS permission is supported.

      • (string) --

type HierarchyRestrictedResources

list

param HierarchyRestrictedResources

The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: User .

  • (string) --

type AllowedAccessControlHierarchyGroupId

string

param AllowedAccessControlHierarchyGroupId

The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.

rtype

dict

returns

Response Syntax

{
    'SecurityProfileId': 'string',
    'SecurityProfileArn': 'string'
}

Response Structure

  • (dict) --

    • SecurityProfileId (string) --

      The identifier for the security profle.

    • SecurityProfileArn (string) --

      The Amazon Resource Name (ARN) for the security profile.

DescribeSecurityProfile (updated) Link ¶
Changes (response)
{'SecurityProfile': {'AllowedAccessControlHierarchyGroupId': 'string',
                     'HierarchyRestrictedResources': ['string']}}

Gets basic information about the security profle.

See also: AWS API Documentation

Request Syntax

client.describe_security_profile(
    SecurityProfileId='string',
    InstanceId='string'
)
type SecurityProfileId

string

param SecurityProfileId

[REQUIRED]

The identifier for the security profle.

type InstanceId

string

param InstanceId

[REQUIRED]

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

rtype

dict

returns

Response Syntax

{
    'SecurityProfile': {
        'Id': 'string',
        'OrganizationResourceId': 'string',
        'Arn': 'string',
        'SecurityProfileName': 'string',
        'Description': 'string',
        'Tags': {
            'string': 'string'
        },
        'AllowedAccessControlTags': {
            'string': 'string'
        },
        'TagRestrictedResources': [
            'string',
        ],
        'LastModifiedTime': datetime(2015, 1, 1),
        'LastModifiedRegion': 'string',
        'HierarchyRestrictedResources': [
            'string',
        ],
        'AllowedAccessControlHierarchyGroupId': 'string'
    }
}

Response Structure

  • (dict) --

    • SecurityProfile (dict) --

      The security profile.

      • Id (string) --

        The identifier for the security profile.

      • OrganizationResourceId (string) --

        The organization resource identifier for the security profile.

      • Arn (string) --

        The Amazon Resource Name (ARN) for the secruity profile.

      • SecurityProfileName (string) --

        The name for the security profile.

      • Description (string) --

        The description of the security profile.

      • Tags (dict) --

        The tags used to organize, track, or control access for this resource. For example, { "Tags": {"key1":"value1", "key2":"value2"} }.

        • (string) --

          • (string) --

      • AllowedAccessControlTags (dict) --

        The list of tags that a security profile uses to restrict access to resources in Amazon Connect.

        • (string) --

          • (string) --

      • TagRestrictedResources (list) --

        The list of resources that a security profile applies tag restrictions to in Amazon Connect.

        • (string) --

      • LastModifiedTime (datetime) --

        The timestamp when this resource was last modified.

      • LastModifiedRegion (string) --

        The Amazon Web Services Region where this resource was last modified.

      • HierarchyRestrictedResources (list) --

        The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: User .

        • (string) --

      • AllowedAccessControlHierarchyGroupId (string) --

        The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.

SearchUsers (updated) Link ¶
Changes (request)
{'SearchFilter': {'UserAttributeFilter': {'AndCondition': {'HierarchyGroupCondition': {'HierarchyGroupMatchType': 'EXACT '
                                                                                                                  '| '
                                                                                                                  'WITH_CHILD_GROUPS',
                                                                                       'Value': 'string'},
                                                           'TagConditions': [{'TagKey': 'string',
                                                                              'TagValue': 'string'}]},
                                          'HierarchyGroupCondition': {'HierarchyGroupMatchType': 'EXACT '
                                                                                                 '| '
                                                                                                 'WITH_CHILD_GROUPS',
                                                                      'Value': 'string'},
                                          'OrConditions': [{'HierarchyGroupCondition': {'HierarchyGroupMatchType': 'EXACT '
                                                                                                                   '| '
                                                                                                                   'WITH_CHILD_GROUPS',
                                                                                        'Value': 'string'},
                                                            'TagConditions': [{'TagKey': 'string',
                                                                               'TagValue': 'string'}]}],
                                          'TagCondition': {'TagKey': 'string',
                                                           'TagValue': 'string'}}}}

Searches users in an Amazon Connect instance, with optional filtering.

Note

AfterContactWorkTimeLimit is returned in milliseconds.

See also: AWS API Documentation

Request Syntax

client.search_users(
    InstanceId='string',
    NextToken='string',
    MaxResults=123,
    SearchFilter={
        'TagFilter': {
            'OrConditions': [
                [
                    {
                        'TagKey': 'string',
                        'TagValue': 'string'
                    },
                ],
            ],
            'AndConditions': [
                {
                    'TagKey': 'string',
                    'TagValue': 'string'
                },
            ],
            'TagCondition': {
                'TagKey': 'string',
                'TagValue': 'string'
            }
        },
        'UserAttributeFilter': {
            'OrConditions': [
                {
                    'TagConditions': [
                        {
                            'TagKey': 'string',
                            'TagValue': 'string'
                        },
                    ],
                    'HierarchyGroupCondition': {
                        'Value': 'string',
                        'HierarchyGroupMatchType': 'EXACT'|'WITH_CHILD_GROUPS'
                    }
                },
            ],
            'AndCondition': {
                'TagConditions': [
                    {
                        'TagKey': 'string',
                        'TagValue': 'string'
                    },
                ],
                'HierarchyGroupCondition': {
                    'Value': 'string',
                    'HierarchyGroupMatchType': 'EXACT'|'WITH_CHILD_GROUPS'
                }
            },
            'TagCondition': {
                'TagKey': 'string',
                'TagValue': 'string'
            },
            'HierarchyGroupCondition': {
                'Value': 'string',
                'HierarchyGroupMatchType': 'EXACT'|'WITH_CHILD_GROUPS'
            }
        }
    },
    SearchCriteria={
        'OrConditions': [
            {'... recursive ...'},
        ],
        'AndConditions': [
            {'... recursive ...'},
        ],
        'StringCondition': {
            'FieldName': 'string',
            'Value': 'string',
            'ComparisonType': 'STARTS_WITH'|'CONTAINS'|'EXACT'
        },
        'HierarchyGroupCondition': {
            'Value': 'string',
            'HierarchyGroupMatchType': 'EXACT'|'WITH_CHILD_GROUPS'
        }
    }
)
type InstanceId

string

param InstanceId

[REQUIRED]

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

Note

InstanceID is a required field. The "Required: No" below is incorrect.

type NextToken

string

param NextToken

The token for the next set of results. Use the value returned in the previous response in the next request to retrieve the next set of results.

type MaxResults

integer

param MaxResults

The maximum number of results to return per page.

type SearchFilter

dict

param SearchFilter

Filters to be applied to search results.

  • TagFilter (dict) --

    An object that can be used to specify Tag conditions inside the SearchFilter . This accepts an OR of AND (List of List) input where:

    • Top level list specifies conditions that need to be applied with OR operator

    • Inner list specifies conditions that need to be applied with AND operator.

    • OrConditions (list) --

      A list of conditions which would be applied together with an OR condition.

      • (list) --

        • (dict) --

          A leaf node condition which can be used to specify a tag condition, for example, HAVE BPO = 123 .

          • TagKey (string) --

            The tag key in the tag condition.

          • TagValue (string) --

            The tag value in the tag condition.

    • AndConditions (list) --

      A list of conditions which would be applied together with an AND condition.

      • (dict) --

        A leaf node condition which can be used to specify a tag condition, for example, HAVE BPO = 123 .

        • TagKey (string) --

          The tag key in the tag condition.

        • TagValue (string) --

          The tag value in the tag condition.

    • TagCondition (dict) --

      A leaf node condition which can be used to specify a tag condition.

      • TagKey (string) --

        The tag key in the tag condition.

      • TagValue (string) --

        The tag value in the tag condition.

  • UserAttributeFilter (dict) --

    An object that can be used to specify Tag conditions or Hierarchy Group conditions inside the SearchFilter.

    This accepts an OR of AND (List of List) input where:

    • The top level list specifies conditions that need to be applied with OR operator.

    • The inner list specifies conditions that need to be applied with AND operator.

    Note

    Only one field can be populated. This object can’t be used along with TagFilter. Request can either contain TagFilter or UserAttributeFilter if SearchFilter is specified, combination of both is not supported and such request will throw AccessDeniedException.

    • OrConditions (list) --

      A list of conditions which would be applied together with an OR condition.

      • (dict) --

        A list of conditions which would be applied together with an AND condition.

        • TagConditions (list) --

          A leaf node condition which can be used to specify a tag condition.

          • (dict) --

            A leaf node condition which can be used to specify a tag condition, for example, HAVE BPO = 123 .

            • TagKey (string) --

              The tag key in the tag condition.

            • TagValue (string) --

              The tag value in the tag condition.

        • HierarchyGroupCondition (dict) --

          A leaf node condition which can be used to specify a hierarchy group condition.

          • Value (string) --

            The value in the hierarchy group condition.

          • HierarchyGroupMatchType (string) --

            The type of hierarchy group match.

    • AndCondition (dict) --

      A list of conditions which would be applied together with an AND condition.

      • TagConditions (list) --

        A leaf node condition which can be used to specify a tag condition.

        • (dict) --

          A leaf node condition which can be used to specify a tag condition, for example, HAVE BPO = 123 .

          • TagKey (string) --

            The tag key in the tag condition.

          • TagValue (string) --

            The tag value in the tag condition.

      • HierarchyGroupCondition (dict) --

        A leaf node condition which can be used to specify a hierarchy group condition.

        • Value (string) --

          The value in the hierarchy group condition.

        • HierarchyGroupMatchType (string) --

          The type of hierarchy group match.

    • TagCondition (dict) --

      A leaf node condition which can be used to specify a tag condition, for example, HAVE BPO = 123 .

      • TagKey (string) --

        The tag key in the tag condition.

      • TagValue (string) --

        The tag value in the tag condition.

    • HierarchyGroupCondition (dict) --

      A leaf node condition which can be used to specify a hierarchy group condition.

      • Value (string) --

        The value in the hierarchy group condition.

      • HierarchyGroupMatchType (string) --

        The type of hierarchy group match.

type SearchCriteria

dict

param SearchCriteria

The search criteria to be used to return users.

Note

The name and description fields support "contains" queries with a minimum of 2 characters and a maximum of 25 characters. Any queries with character lengths outside of this range will throw invalid results.

  • OrConditions (list) --

    A list of conditions which would be applied together with an OR condition.

    • (dict) --

      The search criteria to be used to return users.

      Note

      The name and description fields support "contains" queries with a minimum of 2 characters and a maximum of 25 characters. Any queries with character lengths outside of this range will throw invalid results.

  • AndConditions (list) --

    A list of conditions which would be applied together with an AND condition.

    • (dict) --

      The search criteria to be used to return users.

      Note

      The name and description fields support "contains" queries with a minimum of 2 characters and a maximum of 25 characters. Any queries with character lengths outside of this range will throw invalid results.

  • StringCondition (dict) --

    A leaf node condition which can be used to specify a string condition.

    The currently supported values for FieldName are Username , FirstName , LastName , RoutingProfileId , SecurityProfileId , ResourceId .

    • FieldName (string) --

      The name of the field in the string condition.

    • Value (string) --

      The value of the string.

    • ComparisonType (string) --

      The type of comparison to be made when evaluating the string condition.

  • HierarchyGroupCondition (dict) --

    A leaf node condition which can be used to specify a hierarchy group condition.

    • Value (string) --

      The value in the hierarchy group condition.

    • HierarchyGroupMatchType (string) --

      The type of hierarchy group match.

rtype

dict

returns

Response Syntax

{
    'Users': [
        {
            'Arn': 'string',
            'DirectoryUserId': 'string',
            'HierarchyGroupId': 'string',
            'Id': 'string',
            'IdentityInfo': {
                'FirstName': 'string',
                'LastName': 'string'
            },
            'PhoneConfig': {
                'PhoneType': 'SOFT_PHONE'|'DESK_PHONE',
                'AutoAccept': True|False,
                'AfterContactWorkTimeLimit': 123,
                'DeskPhoneNumber': 'string'
            },
            'RoutingProfileId': 'string',
            'SecurityProfileIds': [
                'string',
            ],
            'Tags': {
                'string': 'string'
            },
            'Username': 'string'
        },
    ],
    'NextToken': 'string',
    'ApproximateTotalCount': 123
}

Response Structure

  • (dict) --

    • Users (list) --

      Information about the users.

      • (dict) --

        Information about the returned users.

        • Arn (string) --

          The Amazon Resource Name (ARN) of the user.

        • DirectoryUserId (string) --

          The directory identifier of the user.

        • HierarchyGroupId (string) --

          The identifier of the user's hierarchy group.

        • Id (string) --

          The identifier of the user's summary.

        • IdentityInfo (dict) --

          The user's first name and last name.

          • FirstName (string) --

            The user's first name.

          • LastName (string) --

            The user's last name.

        • PhoneConfig (dict) --

          Contains information about the phone configuration settings for a user.

          • PhoneType (string) --

            The phone type.

          • AutoAccept (boolean) --

            The Auto accept setting.

          • AfterContactWorkTimeLimit (integer) --

            The After Call Work (ACW) timeout setting, in seconds. This parameter has a minimum value of 0 and a maximum value of 2,000,000 seconds (24 days). Enter 0 if you don't want to allocate a specific amount of ACW time. It essentially means an indefinite amount of time. When the conversation ends, ACW starts; the agent must choose Close contact to end ACW.

            Note

            When returned by a SearchUsers call, AfterContactWorkTimeLimit is returned in milliseconds.

          • DeskPhoneNumber (string) --

            The phone number for the user's desk phone.

        • RoutingProfileId (string) --

          The identifier of the user's routing profile.

        • SecurityProfileIds (list) --

          The identifiers of the user's security profiles.

          • (string) --

        • Tags (dict) --

          The tags used to organize, track, or control access for this resource. For example, { "Tags": {"key1":"value1", "key2":"value2"} }.

          • (string) --

            • (string) --

        • Username (string) --

          The name of the user.

    • NextToken (string) --

      If there are additional results, this is the token for the next set of results.

    • ApproximateTotalCount (integer) --

      The total number of users who matched your search query.

UpdateSecurityProfile (updated) Link ¶
Changes (request)
{'AllowedAccessControlHierarchyGroupId': 'string',
 'HierarchyRestrictedResources': ['string']}

Updates a security profile.

See also: AWS API Documentation

Request Syntax

client.update_security_profile(
    Description='string',
    Permissions=[
        'string',
    ],
    SecurityProfileId='string',
    InstanceId='string',
    AllowedAccessControlTags={
        'string': 'string'
    },
    TagRestrictedResources=[
        'string',
    ],
    Applications=[
        {
            'Namespace': 'string',
            'ApplicationPermissions': [
                'string',
            ]
        },
    ],
    HierarchyRestrictedResources=[
        'string',
    ],
    AllowedAccessControlHierarchyGroupId='string'
)
type Description

string

param Description

The description of the security profile.

type Permissions

list

param Permissions

The permissions granted to a security profile. For a list of valid permissions, see List of security profile permissions .

  • (string) --

type SecurityProfileId

string

param SecurityProfileId

[REQUIRED]

The identifier for the security profle.

type InstanceId

string

param InstanceId

[REQUIRED]

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

type AllowedAccessControlTags

dict

param AllowedAccessControlTags

The list of tags that a security profile uses to restrict access to resources in Amazon Connect.

  • (string) --

    • (string) --

type TagRestrictedResources

list

param TagRestrictedResources

The list of resources that a security profile applies tag restrictions to in Amazon Connect.

  • (string) --

type Applications

list

param Applications

This API is in preview release for Amazon Connect and is subject to change.

A list of the third-party application's metadata.

  • (dict) --

    This API is in preview release for Amazon Connect and is subject to change.

    A third-party application's metadata.

    • Namespace (string) --

      Namespace of the application that you want to give access to.

    • ApplicationPermissions (list) --

      The permissions that the agent is granted on the application. Only the ACCESS permission is supported.

      • (string) --

type HierarchyRestrictedResources

list

param HierarchyRestrictedResources

The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: User .

  • (string) --

type AllowedAccessControlHierarchyGroupId

string

param AllowedAccessControlHierarchyGroupId

The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.

returns

None