How to get security and routing profile?

0

I have the following cf script creating a simple AWS Connect instance.

Resources: 
  AmazonConnectInstance:
    Type: AWS::Connect::Instance
    Properties:
      Attributes:
        InboundCalls: YES
        OutboundCalls: YES
      IdentityManagementType: CONNECT_MANAGED
      InstanceAlias: 'my-demo-1234fhy49d'

Now I'd like to create an admin user in the same script:

...
ConnectUserAdmin:
    Type: AWS::Connect::User
    Properties:
      IdentityInfo:
        FirstName: admin
        LastName: user
      Username: adminuser
      InstanceArn: !GetAtt AmazonConnectInstance.Arn
      RoutingProfileArn: ?????
      SecurityProfileArns: [?????]
      Password: '1234567890'

However, I can't find a way to retrieve instance's security profiles or routing profiles. For example something like this !GetAtt AmazonConnectInstance.AdminProfileArn or !GetAtt AmazonConnectInstance.DefaultRoutingProfileArn would be helpful. How could I go about it (without using a custom resource)?

Important: I don't mean how to retrieve instance's security profiles or routing profiles using GET API or using cli aws connect.

1 Answer
3
Accepted Answer

The available return values are here, unfortunately these do not include the properties you are looking for.

However, if you look at the docs for the Security Profile and Routing Profile, you can connect them to the instance ARN. As such, you create the Profiles and within them reference the instance ARN via the Fn::Get (!GetAtt) of the Instance that you created with you code.

This should look like below in combination with your existing code:

Resources: 
  AmazonConnectInstance:
    Type: AWS::Connect::Instance
    Properties:
      Attributes:
        InboundCalls: YES
        OutboundCalls: YES
      IdentityManagementType: CONNECT_MANAGED
      InstanceAlias: 'my-demo-1234fhy49d'

  SecuriyProfile:
    Type: AWS::Connect::SecurityProfile
    Properties:
      AllowedAccessControlHierarchyGroupId: String
      AllowedAccessControlTags: 
        - Tag
      Applications: 
        - Application
      Description: String
      HierarchyRestrictedResources: 
        - String
      InstanceArn: !GetAtt AmazonConnectInstance.Arn
      Permissions: 
        - String
      SecurityProfileName: String
      TagRestrictedResources: 
        - String
      Tags: 
        - Tag

  RoutingProfile:
    Type: AWS::Connect::RoutingProfile
    Properties:
      AgentAvailabilityTimer: String
      DefaultOutboundQueueArn: String
      Description: String
      InstanceArn: !GetAtt AmazonConnectInstance.Arn
      MediaConcurrencies: 
        - MediaConcurrency
      Name: String
      QueueConfigs: 
        - RoutingProfileQueueConfig
      Tags: 
        - Tag

  ConnectUserAdmin:
    Type: AWS::Connect::User
    Properties:
      IdentityInfo:
        FirstName: admin
        LastName: user
      Username: adminuser
      InstanceArn: !GetAtt AmazonConnectInstance.Arn
      RoutingProfileArn: !GetAtt RoutingProfile.RoutingProfileArn
      SecurityProfileArns: !GetAtt SecurityProfile.SecurityProfileArn
      Password: '1234567890'

Hope this helps!

profile pictureAWS
EXPERT
iBehr
answered 3 months ago
profile picture
EXPERT
reviewed 3 months ago
profile picture
EXPERT
reviewed 3 months ago
EXPERT
reviewed 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions