Skip to content Skip to footer

Establish a connection between Amazon Q Business and Microsoft SharePoint Online using minimal privilege access controls.

Amazon’s Q Business application links with Microsoft’s SharePoint Online, leveraging generative artificial intelligence to provide employees with company data and insights. This process involves the use of Amazon Q Business Connectors. In this post, least privilege access controls and best practices suggested by the Microsoft SharePoint Dev Support Team are utilized.

The Sites.Selected application permission scope is key to setting up a Q Business application that connects to your SharePoint Online. Many organizations implement policies that prohibit granting read access or full control to any connector, hence the importance of this permission. The approach respects users’ existing identities and roles, acknowledging their unique permissions.

To implement the solution, some prerequisites must be met, including the establishment of an AWS account, the creation of Amazon Q Business application and a Microsoft account with a SharePoint Online subscription. An application in Microsoft Entra ID is also necessary.

A step-by-step guide to registering a new app in the Microsoft Azure portal is provided, followed by the use of the Graph API to grant permissions to the application for the SharePoint Online site.

Finally, readers are shown how to configure the Q Business SharePoint Online connector and test the solution. The solution allows organizations to gain better insights, generate summaries, and get answers to natural language queries within Amazon Q Business. For those experimenting, instructions for deleting the applications to avoid costs are included.

In conclusion, connecting SharePoint Online as a data source to the Amazon Q Business application enhances productivity, decision-making, and knowledge sharing within an organization. Employees are able to easily interact with, and utilize, the organization’s stored SharePoint data.

About the authors: Surendar Gajavelli is a Sr. Solutions Architect based in Nashville, TN who specializes in helping customers build innovative solutions. Abhi Patlolla, also a Sr. Solutions Architect, based out of the NYC region, assists customers in their cloud transformation, AI/ML, and data initiatives.

Leave a comment

0.0/5