This article describes the AWS Identity and Access Management (IAM) permissions required to upload identity documents to an encrypted Amazon S3 bucket for Amazon Connect phone number porting and address validation requests.
Amazon Connect improves the security of identity document validation processes by requiring customers to upload documents directly to an encrypted S3 bucket. Amazon Connect then uses these documents to perform address validation and carrier-side identity verification on your behalf.
All upload steps described in this article are mandatory. Skipping any step may render the document inaccessible to Amazon Connect Identity Validation, requiring a complete re-upload.
To upload identity documents to the Amazon S3 bucket, you must log in as an IAM user or assume an IAM role that has the following six permissions:
For information on creating IAM users or roles with these permissions, see Creating IAM Users and Creating IAM Roles in the AWS documentation.
The identity documents required for your request depend on the country code and phone number type requested. Review the Amazon Connect Phone Number Requirements documentation to determine what documents you need.
The S3 upload link and the Grantee key will be provided by Amazon Web Services Support in your active support case. Once received, follow these steps:
Step 1: Log in to the AWS Management Console at https://console.aws.amazon.com/ using the AWS account that opened the Support Case.
Step 2: Open the S3 upload link provided by Amazon Web Services Support in your case.
Step 3: Click Add Files and upload the required identity documents.
Step 4: Expand the Permissions section. Select Specify individual ACL permissions and click Add grantee at the end of the Access Control List (ACL) block.
Step 5: Paste the Grantee key provided by Amazon Web Services Support into the Grantee field.
Step 6: Mark the Read checkbox under the Objects section. This step is required — if not marked, Amazon Connect cannot access the uploaded documents.
Step 7: Click Upload.
001109591

We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.