Configuring Salesforce core components
In this section, you'll learn about configuring AWS Partner personas used in the AWS Partner CRM connector, guided setup of the AWS Marketplace integration, onboarding the AWS seller account, and Salesforce configurations.
Permissions sets
The following three primary AWS Partner personas are supported in the AWS Partner CRM connector. You can enable these personas by giving the Salesforce user the corresponding permission set included in the application.
AWS Marketplace administrator
Assign this persona to a systems or business administrator to perform the configuration and manage schedules. This persona provides full access to the AWS Marketplace integration in the Salesforce connector.
This persona can do the following:
-
Read, write, and view records for all objects related to the AWS Marketplace integration.
-
View all AWS Marketplace sync log records.
-
Create schedules related to AWS Marketplace entities.
Note
Certain settings in Salesforce require additional access, specifically named credentials and custom settings that AWS Partners must provide to users. However, if this permission set is paired with a Salesforce systems administrator profile, all permissions needed to fully configure the application should work.
AWS Marketplace user
Assign this persona to the user who creates and manages private offers and resale authorization.
The AWS Marketplace user can do the following:
-
Synchronize AWS Marketplace products, offers, and resale authorizations.
-
Modify expiry dates, and cancel and clone offers and resale authorizations.
-
Access the AWS Marketplace dashboard.
AWS Channel Partner user
The AWS Channel Partner user can do the following:
-
View available shared resale authorizations created by the Independent Software Vendor (ISV) seller.
-
View and create AWS Channel Partner private offers from shared resale authorizations.
Guided setup
The AWS Partner CRM connector provides a guided setup to enable the AWS Marketplace integration.
To launch the guided setup
-
Log in to the Salesforce organization as a system administrator.
-
From the App launcher, search for an choose the AWS Partner CRM connector.
-
Choose the AWS Guided Setup tab.
-
At the bottom of the page, choose the AWS Marketplace integration.
Onboarding AWS seller account
-
Log in to the Salesforce organization as a system administrator.
-
In the top right corner of the page, choose the gear icon and choose Setup.
-
In the Quick Find search bar, choose Named Credentials, Legacy Named Credentials.
-
Enter the following details:
-
Label–
AWS SELLER CATALOG
-
Name–
AWS_SELLER_CATALOG_<
Provide unique account prefix
> -
URL–
https://catalog.marketplace.us-east-1.amazonaws.com
-
Identity type–
Named Principal
-
Authentication protocol–
AWS Signature Version 4
-
AWS Access Key ID–
Access key of IAM user
-
AWS Secret Access Key–
Secret access key of IAM user
-
AWS Region–
us-east-1
-
AWS Service–
aws-marketplace
-
-
Choose Save.
-
Repeat steps 1-6 to onboard other AWS services required for the integration.
The connector supports multiple AWS seller accounts. To use the connector to onboard multiple seller accounts, refer to the following table.
Named Credential Label | Named Credential Name | API endpoint | AWS Region | AWS service |
---|---|---|---|---|
AWS SELLER S3 | AWS_SELLER_S3_<Provide unique account prefix > |
https://s3.amazonaws.com/ | us-east-1 |
s3 |
AWS SELLER STS | AWS_SELLER_STS_<Provide unique account prefix > |
https://sts.us-east-1.amazonaws.com/ | us-east-1 |
sts |
AWS SELLER SQS | AWS_SELLER_SQS_<Provide unique account prefix > |
https://sqs.us-east-1.amazonaws.com/ | us-east-1 |
sqs |
AWS SELLER AGREEMENT | AWS_SELLER_AGREEMENT_<Provide unique account prefix > |
https://agreement-marketplace.us-east-1.amazonaws.com/ | us-east-1 |
aws-marketplace |
After onboarding Named Credentials, go to the AWS Accounts table and choose Refresh Accounts to add the seller accounts to the AWS Accounts table.
System configurations
-
Log in to the Salesforce organization as a system administrator.
-
Open the AWS Marketplace Integration Settings custom settings. For more information, refer to View and Edit Custom Settings
. -
Choose Manage to add Default Org Level values.
-
Enter values for the following settings.
Setting Name Default Value Description Amazon SQS Queue Name NULL
Amazon Simple Queue Service (Amazon SQS) queue used to subscribe to the Amazon Simple Notification System (Amazon SNS) topic for retrieving notifications on the private offer. Note that the connector requires that the name of the SQS queue be the same across all onboarded AWS accounts. Add seller account to buyer list FALSE
Enables the addition of the seller account to the buyer list so you can view the private offer within your account, similar to how a buyer would view it. Are you in any partner programs FALSE
AWS Presigned URL Role Name NULL
The AWS Identity and Access Management (IAM) role in the seller account used for presigning the Amazon Simple Storage Service (Amazon S3) URL for the custom End User License Agreement (EULA) used with the AWS Marketplace catalog API (CAPI). Log_All_Outbound_Requests FALSE
Enables logging on outbound API calls through the connector. Log Level ERROR
Indicates the level of logging for outbound request logs. -
Choose Save.
-
Return to custom settings and choose S3 Bucket Settings.
-
Choose Manage to add the custom setting for Amazon S3.
-
Choose New.
-
Enter values for the following settings.
Setting Name Default Value Description Name N/A Name of the Amazon S3 setting. This name should be same as the AWS account name in the AWS accounts table. S3 Bucket Name N/A Amazon S3 bucket name to store the custom EULA. S3 Bucket Prefix N/A Prefix of the Amazon S3 bucket to store the custom EULA. -
Choose Save.
-
Repeat steps 6-10 to add Amazon S3 settings for multiple seller accounts.