How to get security and routing profile?

0

I have the following cf script creating a simple AWS Connect instance.

Resources: 
  AmazonConnectInstance:
    Type: AWS::Connect::Instance
    Properties:
      Attributes:
        InboundCalls: YES
        OutboundCalls: YES
      IdentityManagementType: CONNECT_MANAGED
      InstanceAlias: 'my-demo-1234fhy49d'

Now I'd like to create an admin user in the same script:

...
ConnectUserAdmin:
    Type: AWS::Connect::User
    Properties:
      IdentityInfo:
        FirstName: admin
        LastName: user
      Username: adminuser
      InstanceArn: !GetAtt AmazonConnectInstance.Arn
      RoutingProfileArn: ?????
      SecurityProfileArns: [?????]
      Password: '1234567890'

However, I can't find a way to retrieve instance's security profiles or routing profiles. For example something like this !GetAtt AmazonConnectInstance.AdminProfileArn or !GetAtt AmazonConnectInstance.DefaultRoutingProfileArn would be helpful. How could I go about it (without using a custom resource)?

Important: I don't mean how to retrieve instance's security profiles or routing profiles using GET API or using cli aws connect.

1回答
3
承認された回答

The available return values are here, unfortunately these do not include the properties you are looking for.

However, if you look at the docs for the Security Profile and Routing Profile, you can connect them to the instance ARN. As such, you create the Profiles and within them reference the instance ARN via the Fn::Get (!GetAtt) of the Instance that you created with you code.

This should look like below in combination with your existing code:

Resources: 
  AmazonConnectInstance:
    Type: AWS::Connect::Instance
    Properties:
      Attributes:
        InboundCalls: YES
        OutboundCalls: YES
      IdentityManagementType: CONNECT_MANAGED
      InstanceAlias: 'my-demo-1234fhy49d'

  SecuriyProfile:
    Type: AWS::Connect::SecurityProfile
    Properties:
      AllowedAccessControlHierarchyGroupId: String
      AllowedAccessControlTags: 
        - Tag
      Applications: 
        - Application
      Description: String
      HierarchyRestrictedResources: 
        - String
      InstanceArn: !GetAtt AmazonConnectInstance.Arn
      Permissions: 
        - String
      SecurityProfileName: String
      TagRestrictedResources: 
        - String
      Tags: 
        - Tag

  RoutingProfile:
    Type: AWS::Connect::RoutingProfile
    Properties:
      AgentAvailabilityTimer: String
      DefaultOutboundQueueArn: String
      Description: String
      InstanceArn: !GetAtt AmazonConnectInstance.Arn
      MediaConcurrencies: 
        - MediaConcurrency
      Name: String
      QueueConfigs: 
        - RoutingProfileQueueConfig
      Tags: 
        - Tag

  ConnectUserAdmin:
    Type: AWS::Connect::User
    Properties:
      IdentityInfo:
        FirstName: admin
        LastName: user
      Username: adminuser
      InstanceArn: !GetAtt AmazonConnectInstance.Arn
      RoutingProfileArn: !GetAtt RoutingProfile.RoutingProfileArn
      SecurityProfileArns: !GetAtt SecurityProfile.SecurityProfileArn
      Password: '1234567890'

Hope this helps!

profile pictureAWS
エキスパート
回答済み 4ヶ月前
profile picture
エキスパート
レビュー済み 4ヶ月前
profile picture
エキスパート
レビュー済み 4ヶ月前
エキスパート
レビュー済み 4ヶ月前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ