From the previous setup, we also provisioed an account instance of IAM Identity Center with users and groups added. In order to access a Q application, we need to log in with a user created. So let's reset and update user password first.
- Open AWS Console and navigate to IAM Identity Center
- On the left navigation bar, click on Users to review the list of users created.
You can also view the group.
- We are going to reset a user password for sign-on to Amazon Q Business application web experience.
Navigate to a userdoitand click Reset password located at the top right of the page.
Choose Generate a one-time password and share the password with the user, and click Reset password.
One-time password will be generated.
Open AWS access portal URL in a new tab and sign in with a user namedoitwith the one-time password.
Input your new password for next-time access.
Repeat the same steps for the rest of users, if you would like to use other users.
- Open AWS Console and navigate to Amazon Q Business
- Click Get started and it wil navigate to Applications page. Then clice Create application.
- Enter Application name
test-q-app.
Under Access management method, select AWS IAM Identity Center (recommended).
In Quick start user, select doiT under Users. Optionally, you can select Allusers under Groups.
For Select subscription, selectQ Business Pro.
- Expand Application details.
Under Choose a method to authorize Amazon Q Business, select Create and use a new service-linked role (SLR).
In Web experience settings, under Choose a method to authorize Amazon Q Business, select Use an existing service role, and for Service role name select the role containing the name-WebExperienceRole-.
Then, click Create.
- After complete, you can use Deployed URL to access Amazon Q Business application.
In the next step, we are going to experiment with knowledge bases.