You are here:
Create and Configure an AWS Account for Intelligent Document Reader
Intelligent Document Reader uses the Amazon Web Services Textract API for document data extraction. Before configuring Intelligent Document Reader, create an AWS account, set up an Identity and Access Management (or IAM) user, and assign Amazon Textract permissions.
Required Editions
| Available in: Lightning Experience |
| Available in: Automotive Cloud, Consumer Goods Cloud, Education Cloud, Financial Services Cloud, Health Cloud, Manufacturing Cloud, Media Cloud, Net Zero Cloud, Nonprofit Cloud, Public Sector Solutions. View product and edition availability. |
| Intelligent Document Reader is available with the Intelligent Document Reader add-on license. |
Note For Intelligent Document Reader to function properly, create an AWS account even if you have
an existing account. The AWS account is charged for any AWS services that are used based on the
pricing agreements between your organization and AWS.
To learn how to configure an AWS account for Intelligent Document Reader, watch this video.
Extract the AWS Account ID and Access Keys
The 12-digit AWS account ID is a unique identifier for your AWS account. The AWS access keys are specific to a user. Create a user, and then use the access keys to create the external credential.
- Log in to your AWS account.
- In the Dashboard, copy and save the Account ID from the AWS Account section.
- Click Access management | Users | Create user.
- Enter a username, and then click Next.
- Select Attach policies directly.
- In the search field, type textract, and then select the AmazonTextractFullAccess policy name.
- Click Next.
- Click Create user.
- Click the username that you created.
- Click Create access key.
- Select the Command Line interface (CLI) use case.
- Select the confirmation prompt and click Next.
- Click Create access key.
-
Copy the Access key ID and Secret access key, or download the .csv file that contains these
credentials.
You can’t retrieve the access key later.
- Click Show.
- Copy and save the secret access key.
- Click Done.
Extract the ARN Value for a User
To extract the ARN (Amazon Resource Name) value, use the same user you created to extract the access keys.
- Log in to your AWS account.
- Click Access management | Users, and then click the username that you created.
- Copy and save the ARN of the user from the Summary section.
- Click Access management | Role | Create role.
- In the Service or use case search field, type textract , and then select Textract.
- Click Next, and then click Next.
- In the Role details section, enter a role name.
- Click Create role.
- Click Access management | Roles, and then click the role you created.
- To attach a textract service to this role, click the Permission tab, click Add permissions, and then select Attach policies.
- In the search field, type textract , and then select the AmazonTextractFullAccess policy name.
- Click Add Permissions.
Attach a Role to a User
After you create a role and a user, attach the role to the user.
- Log in to your AWS account.
- Open the role you created.
- In the Trust relationships tab, click Edit trust policy.
- Click Add next to Add a principal.
- Select IAM users as the Principal type.
- Paste the user ARN value as the ARN.
- Click Add principal.
- Click Update policy.
-
Copy and save the role ARN value from the role window.
You need this ARN value to create the external named credential.
See Also
- AWS Organizations User Guide: Creating an AWS account in your organization
- AWS Knowledge Center: How do I create and activate a new AWS account?
- AWS Identity and Access Management User Guide: Creating an IAM user in your AWS account
- Amazon Textract Developer Guide: Identity and Access Management for Amazon Textract
Did this article solve your issue?
Let us know so we can improve!
