Chat applications policies

Chat applications policies in Amazon Organizations enable you to control access to your organization's accounts from chat applications such as Slack and Microsoft Teams.

Amazon Q Developer in chat applications is an Amazon service that enables DevOps and software development teams to use messaging program chat rooms to monitor and respond to operational events in their Amazon Web Services Cloud. Amazon Q Developer in chat applications processes Amazon Web Services service notifications from Amazon Simple Notification Service (Amazon SNS), and forwards them to chat rooms so teams can analyze and act on them immediately, regardless of location.

How chat applications policies work

Using chat applications policies, the management account or delegated administrator of an organization can do the following across an organization:

  • Enforce which supported chat applications (Amazon Chime, Microsoft Teams, and Slack) can be used.

  • Restrict chat client access to specific workspaces (Slack) and teams (Microsoft Teams).

  • Restrict Slack channel visibility to either public or private channels.

  • Set and enforce specific role settings.
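
As an added illustration (not part of the original documentation), the following Python sketch audits a policy document for the controls listed above, narrowed to the case where only Slack is permitted. The key names follow the Organizations chat applications policy syntax, which this page does not show and is assumed here; the workspace ID and the `audit` and `assigned` helpers are constructed for the example.

```python
import json

# Constructed sample. Key names follow the Organizations chat applications policy
# syntax (an assumption; this page does not show it). The workspace ID is a placeholder.
SAMPLE_POLICY = json.loads("""
{"chatbot": {"platforms": {
  "slack": {
    "client": {"@@assign": "enabled"},
    "workspaces": {"@@assign": ["T0EXAMPLE01"]},
    "default": {
      "supported_channel_types": {"@@assign": ["private"]},
      "supported_role_settings": {"@@assign": ["user_role"]}}},
  "microsoft_teams": {"client": {"@@assign": "disabled"}},
  "chime": {"client": {"@@assign": "enabled"}}
}}}
""")

def assigned(node, *path):
    """Walk `path` and return the @@assign value there, or None if it is unset."""
    for key in path + ("@@assign",):
        if not isinstance(node, dict) or key not in node:
            return None
        node = node[key]
    return node

def audit(policy, allowed_platforms=("slack",)):
    """List the places where the policy leaves one of the listed controls open."""
    findings = []
    platforms = policy.get("chatbot", {}).get("platforms", {})
    for name in ("slack", "microsoft_teams", "chime"):
        if name not in allowed_platforms and assigned(platforms, name, "client") != "disabled":
            findings.append(f"{name}: client not explicitly disabled")
    if "slack" in allowed_platforms:
        if not assigned(platforms, "slack", "workspaces"):
            findings.append("slack: no workspace allow-list")
        channels = assigned(platforms, "slack", "default", "supported_channel_types")
        if not channels or "public" in channels:
            findings.append("slack: public channels not excluded")
        if not assigned(platforms, "slack", "default", "supported_role_settings"):
            findings.append("slack: role settings not pinned")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_POLICY):
        print(finding)
```

Run against the sample, the audit reports only the Amazon Chime client, which the constructed policy leaves enabled.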

Chat applications policies restrict and take precedence over account-level settings such as role settings and channel guardrail policies. You can access and modify chat applications policies from either the Amazon Q Developer in chat applications console or the Organizations console.

After the policies are attached to accounts and organizational units (OUs), any current and future Amazon Q Developer in chat applications configurations for the accounts in scope automatically comply with the governance and permissions settings. For more information, see Understanding management policy inheritance.

If you try to perform an action restricted by a chat applications policy, an error message notifies you that the action is not allowed because of the chat applications policy and recommends that you contact the management account or delegated administrator of your organization.

Note

Chat applications policies are validated at runtime. This means that existing resources are continuously checked for compliance. There is no overlap with existing IAM permissions since runtime-based IAM permissions for sending notifications or interacting with Amazon Q Developer in chat applications are not currently supported.