AWS Certified AI Practitioner(18) - Amazon Q Business
๐ผ Amazon Q Business
1. What is Amazon Q Business?
- A fully managed generative AI assistant for enterprises.
- Works based on a companyโs internal knowledge and data.
- Key capabilities:
- Q&A based on company documents
- Summarization & content generation
- Automating routine tasks (e.g., time-off requests, meeting invites)
- Integration with external systems for real actions
- Runs on Amazon Bedrock, but users cannot choose the underlying Foundation Model (FM).
๐ Exam Tip: Remember that Q Business runs on Bedrock but you cannot select the FM.
2. Key Components
๐น Data Connectors (Managed RAG)
- Connects to 40+ enterprise data sources
- AWS Services: S3, RDS, Aurora, WorkDocs
- External Services: Microsoft 365, Google Drive, Gmail, Slack, Salesforce, SharePoint, etc.
- Automatically indexes and retrieves documents.
๐น Plugins
- Allow interaction with external applications.
- Examples: Jira, ServiceNow, Zendesk, Salesforce.
- Custom Plugins: Connect to any 3rd-party application via APIs.
- Example: โCreate a new Jira issueโ โ Q Business calls Jira API and creates the ticket.
3. IAM Identity Center Integration
- User authentication is managed through IAM Identity Center.
- Users only see documents they are authorized to access.
- Supports external Identity Providers (IdPs): Google Login, Microsoft Active Directory, etc.
๐ Exam Tip: Q Business authentication is always through IAM Identity Center.
4. Admin Controls (Guardrails)
- Works like Guardrails in Bedrock.
- Capabilities:
- Block specific words or topics
- Restrict responses to internal documents only (disable external LLM knowledge)
- Rules can be applied globally or at topic-level.
5. Amazon Q Apps
- Create GenAI-powered apps without coding using natural language.
- Leverages internal company data + plugins.
- Example: Build a Jira ticket automation app or a document search chatbot.
6. Example Use Cases
- โSummarize the April 12th team meetingโ โ Answered from meeting notes.
- โWhat is the out-of-pocket maximum in our health plan?โ โ Retrieved from PDF.
- โGenerate a new job posting for a Product Managerโ โ Drafted using internal HR policies.
7. Exam Key Points
- Amazon Q Business = enterprise-focused GenAI assistant.
- FM cannot be selected (unlike Bedrock).
- IAM Identity Center = core for access control.
- Data Connectors vs Plugins:
- Connectors = data retrieval (RAG).
- Plugins = perform real tasks (API calls, ticket creation).
- Admin Controls = Guardrails โ block terms, restrict sources.
- Can connect up to ~50 data sources.
- Pricing consideration: Q Business Light/Pro plans exist (important in practice, not in exams).
๐ One-Line Summary
Amazon Q Business = An enterprise GenAI assistant with Data Connectors (RAG), Plugins (actions), IAM Identity Center (auth), and Guardrails (admin controls) as core exam concepts.
๐ Amazon Q Business โ Exam Cheat Sheet
| Category | Description | Exam Point |
|---|---|---|
| Service Concept | Enterprise GenAI assistant based on company data | Runs on Bedrock, FM not selectable |
| Core Functions | Q&A, summarization, content creation, automation | Beyond QA โ executes tasks |
| Data Connectors | 40+ data sources (S3, RDS, Aurora, M365, GDrive, Slack, Salesforce, SharePoint) | RAG (retrieval-based answers) |
| Plugins | Interact with external apps (Jira, ServiceNow, Salesforce) | Execute real actions (tickets, API calls) |
| Custom Plugins | Connect with any 3rd-party app via API | Exam: โ3rd Party App integrationโ โ Custom Plugin |
| IAM Identity Center | User authentication & access control | Users only see authorized documents |
| External IdP | Google Login, Microsoft AD | AWS supports external IdPs |
| Admin Controls (Guardrails) | Block topics, restrict to internal docs | Same as Guardrails, Global/Topic scope |
| Amazon Q Apps | No-code GenAI apps | Combine internal data + Plugins |
| Data Sources | Up to ~50 per application | May appear in exams |
| Security | IAM + Guardrails = access control | Exam: โHow is access controlled?โ โ IAM + Guardrails |
| Pricing | Light/Pro plans, anonymous access costly | Important for real use, less for exam |
โ Common Exam Questions
Q1. Difference between Amazon Bedrock and Q Business?
- Bedrock = Direct FM usage, choose models.
- Q Business = Enterprise AI assistant, FM not selectable.
Q2. Data Connectors vs Plugins?
- Connectors = retrieval (RAG).
- Plugins = perform tasks (API, Jira, ServiceNow).
Q3. How does Q Business manage security & access?
- IAM Identity Center + Guardrails.
Q4. What are Amazon Q Apps?
- No-code GenAI apps built with internal data + Plugins.
๐ Final Note: In AWS exams, focus on FM not selectable, IAM Identity Center, Data Connectors vs Plugins, and Guardrails.
All articles on this blog are licensed under CC BY-NC-SA 4.0 unless otherwise stated.