Integration Error: Amazon Q Business Microsoft Teams Connector – "Access denied during operation"

Q&A
,
1

I am currently building an automation workflow in Amazon Q Business (us-east-1) and I am unable to successfully configure the Microsoft Teams/Outlook Action Connector.

When attempting to save the configuration using Service-to-Service OAuth (Service Authentication), the process fails.

The Error: The UI displays a generic failure, but the network response/console returns the following:

JSON

{
    "Message": "Access denied during the operation. Please check your permissions",
    "RequestId": "0a05202a-788b-4f65-a66f-eeaec9ee530e"
}

Configuration Details:

  • Region: us-east-1

  • Auth Method: Service-to-service OAuth (Client Credentials)

  • Identity Provider: Microsoft Entra ID (Azure AD)

  • URLs used: * Token: https://login.microsoftonline.com/[Tenant_ID]/oauth2/v2.0/token

    • Base: https://graph.microsoft.com/v1.0

  • Scope: https://graph.microsoft.com/.default

It seems like there is an internal failure when Amazon Q tries to validate the connection or store the secret. Has anyone encountered this “Access Denied” error during the initial connector setup? Is there a specific IAM service-linked role or Secrets Manager permission required that might be missing?

Any guidance would be appreciated!

AmazonQ #QuickSight #MicrosoftTeams #AWSConnectors IAM

2

Hi @Pooja_Guwalani,

Welcome to the Quick Community! Since the client credentials you listed seem to fulfill the action connector requirements, I would definitely double check that your permissions for Azure AD are configured correctly, especially since it is a different IAM protocol from AWS.

Let me know if this helps or at least showcases any more info!

3

Hi @Pooja_Guwalani,

Just checking back in since we haven’t heard from you in a bit. I wanted to see if the guidance shared earlier helped resolve your question, or if you found a solution in the meantime.

If you still have any additional questions related to your initial post, feel free to share them. Otherwise, any update you’re able to provide within the next 3 business days would be helpful for the community.

Thank you

4

Hi @Pooja_Guwalani ,

Since I haven’t received any further updates from you, I’ll treat this inquiry as complete for now. If you have any additional questions, feel free to create a new post in the community and link this discussion for context.

Thank you