How Amazon Q Business connector crawls Slack ACLs

Connectors support crawling ACL and identity information where applicable based on the data source. If you index documents without ACLs, all documents are considered public. Indexing documents with ACLs ensures data security.

Amazon Q Business supports crawling ACLs for document security by default.

When you connect an Slack data source to Amazon Q Business, Amazon Q Business crawls ACL information (channel IDs) attached to a document from your Slack instance. If you choose to activate ACL crawling, this information can be used to filter chat responses to your end user's document access level.

Note

User IDs are not crawled as direct ACLs. Identity crawler fetches the user IDs for each channel.

The Slack user IDs are mapped as follows:

_user_id—User IDs exist in Slack on messages and channels where there are set access permissions. They are mapped from the user emails as the IDs in Slack.

For more information, see:

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Using the AWS CloudFormation

Field mappings