Skip to content

briananderson-xyz/connect-solution

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
3p-apps/secure-file-upload
3p-apps/secure-file-upload
 
 
cdk
cdk
 
 
docs
docs
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Amazon Connect Infrastructure

CDK-managed Amazon Connect instance with 3rd party app integrations.

Architecture

connect/
├── cdk/                                    # Root CDK app
│   ├── bin/cdk.ts                          # Orchestrates all stacks
│   └── lib/
│       ├── connect-instance-stack.ts       # Connect instance + SAML (optional)
│       ├── connect-3p-apps-stack.ts        # 3P app registrations
│       ├── connect-3p-integrations-stack.ts # Associates apps with instance
│       ├── connect-3p-app-base.ts          # Base interface for 3P apps
│       └── connect-q-stack.ts              # Q in Connect (optional)
└── 3p-apps/
    └── secure-file-upload/                 # Example 3P app

Documentation

Guide Description
Architecture Detailed architecture, stack hierarchy, 3P app structure
Q in Connect AI-powered agent assistance with Bedrock knowledge bases
SAML Setup SAML authentication with IAM Identity Center
Importing Resources Bring existing Connect resources under CDK management
Secure File Upload 3P app for secure customer file uploads

Quick Start

export CDK_DEFAULT_ACCOUNT=123456789012
cd cdk

# Copy and edit context file with your values
cp cdk.context.example.json cdk.context.json
# Edit cdk.context.json with your instance ARN, region, etc.

# Deploy (reads from cdk.context.json)
npx cdk deploy --all

Or pass context via CLI:

Option 1: Use Existing Instance

Instance stays outside CDK management. Apps and integrations are managed.

npx cdk deploy --all \
  -c connectRegion=us-west-2 \
  -c connectInstanceArn=arn:aws:connect:us-west-2:123456789012:instance/abc-123

Option 2: Create New Instance

npx cdk deploy --all \
  -c connectRegion=us-west-2 \
  -c instanceAlias=my-connect

With SAML authentication:

npx cdk deploy --all \
  -c connectRegion=us-west-2 \
  -c instanceAlias=my-connect \
  -c identityManagementType=SAML \
  -c samlProviderArn=arn:aws:iam::123456789012:saml-provider/MyProvider

Option 3: Import Existing Instance

Bring an existing instance under CDK management. See Importing Resources.

./scripts/import-instance.sh arn:aws:connect:us-west-2:123456789012:instance/abc-123

Features

Q in Connect (Optional)

Enable AI-powered agent assistance:

npx cdk deploy --all \
  -c connectRegion=us-west-2 \
  -c connectInstanceArn=arn:... \
  -c 'features={"qInConnect":true}'

See Q in Connect for details.

Flow Logs (Optional)

Enable flow logs to capture contact flow execution details in CloudWatch:

npx cdk deploy --all \
  -c connectRegion=us-west-2 \
  -c instanceAlias=my-connect \
  -c 'features={"flowLogs":true}'

View logs:

aws logs filter-log-events \
  --log-group-name /aws/connect/<instance-alias> \
  --filter-pattern "<contact-id>"

Note: For existing instances (connectInstanceArn), enable flow logs via Connect Console → Instance settings → Flows.

Context Parameters

Parameter Required Description
connectRegion Yes Region for Connect instance
connectInstanceArn * Existing instance ARN (skip instance creation)
instanceAlias * New instance alias (creates instance)
identityManagementType No CONNECT_MANAGED (default), SAML, EXISTING_DIRECTORY
samlProviderArn If SAML ARN of existing IAM SAML provider
directoryId If EXISTING_DIRECTORY AWS Directory Service ID
features No Feature flags: {"qInConnect": true, "flowLogs": true} or {"qInConnect": {"enabled": true, "logs": true}}
apps No Per-app config: {"secure-file-upload": {"enabled": true, "region": "us-east-1"}}

* Provide either connectInstanceArn OR instanceAlias, not both.

Adding a New 3rd Party App

  1. Create folder structure: 3p-apps/my-app/cdk/lib/my-app-stack.ts
  2. Implement IConnect3PAppStack interface from connect-3p-app-base.ts
  3. Export agentAppUrl from your stack
  4. Add to app registry in cdk/bin/cdk.ts:
const appRegistry: Record<string, Connect3PAppRegistryEntry> = {
  'secure-file-upload': { ... },
  'my-app': {
    stackClass: MyAppStack,
    displayName: 'My App',
    description: 'Description of my app',
    permissions: ['*'],
  },
};

See Architecture for detailed 3P app structure.

Post-Deployment

Enable apps in Connect security profiles:

  1. Connect Console → Security Profiles
  2. Edit agent's security profile
  3. Enable apps under "Agent Applications"
  4. Save

Dependency Flow

ConnectInstanceStack          SecureFileUploadStack
(or existing ARN)             (independent)
        │                            │
        │ instanceArn                │ agentAppUrl
        │                            ▼
        │                    Connect3PAppsStack
        │                            │
        │                            │ appArns
        ▼                            ▼
       Connect3PIntegrationsStack

CDK deploys in correct order automatically.

Security

See CONTRIBUTING for more information.

License

This project is licensed under the MIT-0 License. See the LICENSE file.

Disclaimer

This solution is intended for demonstration and learning purposes only. It is not intended for production use without thorough review and testing. Use at your own risk.

About

No description, website, or topics provided.

Resources

Readme

License

MIT-0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages