Set up an IAM user account

If the Verint recording components are not hosted in AWS, create an IAM user account. This account allows the Verint components to access and read from the Kinesis stream. The account credentials (Access Key ID and Access Key Secret) are required for the data source configuration.

The Service Provider creates the account.

If the Verint components are hosted in AWS, you do not need to create an IAM user account. See Create an IAM role for Verint components.

Before you begin

Procedure 

  1. In AWS, create an IAM policy with Amazon Kinesis as the AWS service and specify the ARN of the stream you created.

  2.  Include the following permissions:  

    • kinesis:ListShards

    • kinesis:GetShardIterator

    • kinesis:DescribeStream

    • kinesis:GetRecords

    • dynamodb:CreateTable

    • dynamodb:DescribeTable

    • dynamodb:GetItem

    • dynamodb:PutItem

    • dynamodb:Scan

    • dynamodb:UpdateItem

    • dynamodb:DeleteItem

    • cloudwatch:PutMetricData

    If Twilio content is being stored in Amazon S3 storage, the policy must also allow access to the storage:

    • s3:ListBucket

    • s3:GetObject

    For information on the CreateTable action, see DynamoDB and the CreateTable action.

    For an example of the JSON policy, see Sample IAM Policies.

  3. Create a user. Copy and save the Access Key ID and Secret Access Key.

  4. Attach the IAM policy you created to the user.

Related topics 

Twilio application data source settings

Related information 

Policies and Permissions (AWS Documentation)

IAM users (AWS Documentation)