How do I set up Amazon Q Developer chat on the AWS Management Console?

Resolution

Note: If you aren't subscribed to Amazon Q Developer Pro, then chat is available at the Free tier without additional setup.

To set up Amazon Q Developer chat on the AWS Management Console, complete the following steps:

1. Open the AWS Management Console.
2. Turn on AWS Organizations to use an organization instance of AWS IAM Identity Center.
3. Create users or groups in IAM Identity Center.
   Note: New users receive an email invitation to join IAM Identity Center.
4. Create a permission set that allows users to chat with Amazon Q Developer, and then assign the permission set to your users and groups. To view an example policy, see Allow users to chat with Amazon Q.
   Note: To use Amazon Q Developer chat, you must include the q:StartConversation, q:SendMessage, q:GetConversation, and q:ListConversations permissions in the policy. If you don't explicitly allow the permissions, then you receive a permissions error when you try to use Amazon Q Developer chat.
5. Activate identity-aware console sessions.
6. Subscribe users to Amazon Q Developer Pro.
   Note: When you add users, make sure to search for the user's display name that's typically their full name.
7. Use one of the following methods to confirm that the users are successfully subscribed:
   Open the Amazon Q console.
   Choose Subscriptions, and then choose Users.
   Find the users under Subscribed groups and users.
   -or-
   Open the IAM Identity Center console.
   Choose Applications, and then choose the QDefaultProfile application.
   Find the users on the Application details page under Assigned users and groups.
8. Log in as a user in IAM Identity Center and use Amazon Q Developer chat on the console to confirm that users can use it.
   Note: If you receive an authentication error, then choose Retry. Enter the credentials of the subscribed user. After you enter the credentials, you receive an "authentication successful" message.