Skip to main content

Setting Up SCC-AC Using Guided Setup

  1. Navigate to the SCC-AC Guided Setup page
    1. In Salesforce Setup, search for Partner Telephony Setup in Quick Find, select No. 6 (Set Up More Amazon Connect Features), and then choose Configure. You will be redirected to the SCC-AC Guided Setup page. It should look like this: guided-setup
  2. Enter the Connected App Consumer Key
    1. Retrieve the awsscc GLOBAL_CONNECTED_APP Consumer Key that was stored previously.
    2. Choose Enter Connected App Consumer Key and enter the consumer key.
  3. Enter your AWS Account ID
    1. Retrieve your AWS Account ID.
    2. Choose Enter AWS Account ID and enter your AWS Account ID.
  4. Enable callouts for the Named Credentials
    1. Choose Enable callouts for Named Credentials. Make sure you have popups enabled for your org on your internet browser of choice.
    2. You will be redirected to the Named Credentials page of Setup. If the page does not automatically open, go to Salesforce Setup page, search for Named Credentials and choose it.
    3. You should see all of these new Named Credentials:
      1. SCC_GLOBAL_CFN_NC
      2. SCC_GLOBAL_CONNECT_VOICE_SERVICE_NC
      3. SCC_GLOBAL_INTERACTION_SERVICE_NC
      4. SCC_GLOBAL_S3_CALL_NC
    4. On each of the aforementioned Named Credentials, under the Actions section, choose the dropdown arrow and select Edit.
    5. Turn on the Enabled for Callouts flag.
    6. Come back to the SCC-AC Guided Setup page and refresh. If you see a green check mark next to Enable callout for Named Credentials button you can proceed to next step.
    7. If the button is not greyed out and no green check mark is displayed then not all Named Credentials have been enabled for callouts. Re-verify all above Named Credentials have been enabled for callouts.
  5. Enter AWS IAM User credentials
    1. Retrieve SCCAC-Setup-User IAM User credentials, both the Access Key and Secret Access Key. These credentials should have been stored previously.
    2. Choose Enter AWS IAM credentials button and enter the SCCAC-Setup-User IAM User Access Key and Secret Access Key.
      1. In the future, for rotation of IAM User's credential follow : IAM User's Credential Rotation
    3. This will trigger a CloudFormation deployment in your AWS Account. Wait until the SCC-GLOBAL-STACK-<SalesforceOrgId> CloudFormation stack deployment succeeds.
    4. Refresh the SCC-AC Guided Setup page and verify that a green check mark has appeared next to Enter AWS IAM credentials button.
  6. Update SCC-AC Secret Manager secret
    1. Before heading into the next step, you will need to update the secret on AWS Secret Manager with new values.
    2. On the AWS console, navigate to Secret Manager service.
    3. Choose SCCAC-Secret-<SalesforceOrgId> and once the secret opens, choose Retrieve secret value on the Secret Value section of the secret.
    4. Choose Edit and replace the following values:
      1. CERTIFICATE_KEY_PASSWORD_PLACE_HOLDER with a password of your own choice. Remember this password since you will use it on a future step.
      2. CONNECTED_APP_CONSUMER_SECRET_PLACE_HOLDER with the awsscc GLOBAL_CONNECTED_APP Consumer secret previously retrieved.
  7. Generate certificate Keystore file
    1. On the guided setup page in Salesforce, choose Generate certificate KeyStore file.
    2. This will trigger a CloudFormation deployment in your AWS Account. Wait until the SCC-GLOBAL-CERTIFICATE-STACK-{TIMESTAMP} CloudFormation stack deployment succeeds.
    3. Refresh the SCC-AC Guided Setup page and verify that a green check mark has appeared next to Generate certificate KeyStore file button.
  8. Download certificate Keystore file and upload it to Salesforce
    1. Before heading into the next step on the page you will need to download and upload the generated certificate file.
    2. On the AWS Console, navigate to S3 service.
    3. Search for a bucket with a name with format sccac-{YOUR_AWS_ACCOUNT}-bucket-<SalesforceOrgId>. Choose it and verify that it has one .jks file with name with format scc_certificate_{TIMESTAMP}.jks
    4. Download that certificate file to your computer.
    5. On your Salesforce org, go to Salesforce Setup, search for Certificate and Key Management and choose it.
    6. Choose Import from Keystore. Upload your downloaded certificate and under Keystore Password, enter your password of choice created in step 6.iv. Choose Save.
    7. Write down and save your certificate label named scc_certificate_{TIMESTAMP}. You will use it in the next step.
  9. Enter imported certificate label
    1. Choose Enter imported certificate label and enter your certificate label name saved before.
    2. This will trigger a CloudFormation deployment in your AWS account. Wait until the SCC-GLOBAL-CERTIFICATE-APPLIED-RESOURCE-STACK-{TIMESTAMP} CloudFormation stack deployment succeeds.
    3. Refresh the SCC-AC Guided Setup page and verify that a green check mark has appeared next to Enter imported certificate label button. The button will not be disabled, because you can update the certificate using this button in the future in case your certificate expires.
  10. Setup your contact centers for Salesforce Contact Center with Amazon Connect
    1. Choose the Contact Center for which you would like to set up SCC-AC.
    2. Enable the Enable this contact center for Salesforce Contact Center with Amazon Connect flag.
    3. Choose Enable callouts for Named Credentials. Make sure you have popups enabled for your org on your internet browser of choice.
    4. You will be redirected to the Named Credentials page of Setup. If the page does not automatically open, go to Salesforce Setup page, search for Named Credentials and choose it.
    5. You should see all of these new Named Credentials:
      1. SCC_CONTACT_CENTER_CFN_NC_{ID}
      2. SCC_CONTACT_CENTER_CONNECT_API_NC_{ID}
    6. On each of the aforementioned Named Credentials, under the Actions section, choose the dropdown arrow and select Edit.
    7. Turn on the Enabled for Callouts flag.
    8. Come back to the SCC-AC Guided Setup page and refresh. If you see a green check mark next to Enable callout for Named Credentials button you can proceed to next step.
    9. If the button is not greyed out and no green check mark is displayed then not all Named Credentials have been enabled for callouts. Re-verify all above Named Credentials have been enabled for callouts.
    10. Choose Enter AWS IAM credentials button and enter the SCCAC-Setup-User IAM User Access Key and Secret Access Key.
    11. This will trigger a CloudFormation deployment in your AWS account. Wait until both SCC-CONTACT-CENTER-STACK-{ID} and SCC-CONTACT-CENTER-SECRET-REPLICATION-STACK-{ID} CloudFormation stack deployments succeed.
    12. Refresh the SCC-AC Guided Setup page and verify that a green check mark has appeared next to the Enter AWS IAM credentials button.

Known issues with Guided Setup

  • We have no way of changing AWS Account ID in case the user entered it incorrectly without having to go through Workbench
  • If the SCC-GLOBAL-CERTIFICATE-APPLIED-RESOURCE-STACK-{TIMESTAMP} CloudFormation deployment fails, refer to the CloudWatch logs for the SCC-ExternalCredentialManagementFunction Lambda function on your AWS Console for more information.
    • If the error mentions invalid_grant: no client credentials user enabled, please make sure that the awsscc GLOBAL_CONNECTED_APP has client credentials enabled, and that it’s running as SCCAC Administrator under Client Credentials Flow.