Managing access to the Amazon Web Services Support App widget - Amazon Web Services Support
Example IAM policyPermissions required to connect the Amazon Web Services Support App to Slack
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Managing access to the Amazon Web Services Support App widget

You can attach an Amazon Identity and Access Management (IAM) policy to grant an IAM user permission to configure the Amazon Web Services Support App widget in the Amazon Support Center Console.

For more information about how to add a policy to an IAM entity, see Adding IAM identity permissions (console) in the IAM User Guide.

Note

You can also sign in as the root user in your Amazon Web Services account, but we don't recommend that you do this. For more information about root user access, see Safeguard your root user credentials and don't use them for everyday tasks in the IAM User Guide.

Example IAM policy

You can attach the following policy to an entity, such as an IAM user or group. This policy allows a user to authorize a Slack workspace and configure Slack channels in the Support Center Console.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "supportapp:GetSlackOauthParameters",
                "supportapp:RedeemSlackOauthCode",
                "supportapp:DescribeSlackChannels",
                "supportapp:ListSlackWorkspaceConfigurations",
                "supportapp:ListSlackChannelConfigurations",
                "supportapp:CreateSlackChannelConfiguration",
                "supportapp:DeleteSlackChannelConfiguration",
                "supportapp:DeleteSlackWorkspaceConfiguration",
                "supportapp:GetAccountAlias",
                "supportapp:PutAccountAlias",
                "supportapp:DeleteAccountAlias",
                "supportapp:UpdateSlackChannelConfiguration",
                "iam:ListRoles"
            ],
            "Resource": "*"
        }
    ]
}

Permissions required to connect the Amazon Web Services Support App to Slack

The Amazon Web Services Support App includes permission-only actions that don't directly correspond to an API operation. These actions are indicated in the Service Authorization Reference with [permission only].

The Amazon Web Services Support App uses the following API actions to connect to Slack and then lists your public Slack channels in the Amazon Support Center Console:

  • supportapp:GetSlackOauthParameters

  • supportapp:RedeemSlackOauthCode

  • supportapp:DescribeSlackChannels

These API actions are not intended to be called by your code. Therefore, these API actions are not included in the Amazon CLI and Amazon SDKs.