In the era of AI and machine learning (ML), there is a growing emphasis on enhancing security— especially in IT contexts. In this post, we demonstrate how your organization can reduce the end-to-end burden of resolving regular challenges experienced by your IT support teams—from understanding errors and reviewing diagnoses, remediation steps, and relevant documentation, to opening external support tickets using common third-party services such as Jira.
We show how Amazon Q Business can streamline your end-to-end troubleshooting processes by using your preexisting documentation and ticketing systems while approaching complex IT issues in a conversational dialogue. This solution illustrates the benefits of incorporating Amazon Q as a supplemental tool in your IT stack.
Benefits of Amazon Q Business
The following are some relevant benefits of Amazon Q Business:
- Scalability – As an AWS cloud-based service, Amazon Q is highly scalable and able to handle numerous concurrent requests from multiple employees without performance degradation. This makes it suitable for organizations with a large IT department consisting of many employees who intend to use Amazon Q as an intelligent agent assistant.
- Increased productivity – Because Amazon Q can handle a large volume of customer inquiries simultaneously, this frees up human employees (such as IT support engineers) to focus on more complex or specialized tasks, thereby improving overall productivity.
- Natural language understanding (NLU) – Users can interact with the Amazon Q Business application using natural language (such as English). This enables more natural and intuitive conversational experiences without requiring your agents to learn new APIs or languages.
- Customization and personalization – Developers can customize the knowledge base and responses to cater to the specific needs of their application and users, enabling more personalized experiences. In this post, we discuss an IT support use case for Amazon Q Business and how to configure it to index and search custom audit logs.
Solution overview
Our use case focuses on the challenges around troubleshooting, specifically within systems and applications for IT support and help desk operations. We use Amazon Q Business to train on our internal documentation and runbooks to create a tailored Amazon Q application that offers personalized instructions, source links to relevant documentation, and seamless integration with ticketing services like Jira for escalation requirements. Our goal is to reduce the time and effort required for IT support teams and others to diagnose challenges, review runbooks for remediation, and automate the escalation and ticketing process.
The following diagram illustrates the solution architecture.
The solution consists of the following key integrations:
- Jira plugin – Amazon Q Business supports integration with Jira; you can use the AI assistant UI to search, read, create, and delete Jira tickets. Changes made using this plugin by Amazon Q can then be viewed within your Jira console.
- Web crawling – Amazon Q Business uses web crawlers to index and ingest product documentation websites, making sure that the latest information is available for answering queries.
- Amazon S3 connector – Organizations can upload product documents directly to Amazon Simple Storage Service (Amazon S3), enabling Amazon Q Business to access and incorporate this information into its knowledge base.
- Jira data source – If your Jira environment rarely changes, or if you want to have more granular control over Amazon Q interactions with Jira, then you can use Jira as a simple data source. Here, Amazon Q will have read-only access to Jira.
Prerequisites
As a prerequisite to deploying this solution, you will need to set up Jira and Confluence using an Atlassian account. If you already have these set up, you can use your existing account. Otherwise, you can create an Atlassian account and set up Jira and Confluence using the free version.
- Sign up with your email or through a social identity provider. If you sign up using email, you must verify your email through a One Time Password (OTP).
- Enter a name for your site and choose Continue.
- Choose Other and choose Continue.
- If asked for a starting template, you can choose the Project management template and choose Start now.
- Enter a name for your project and choose Get started.
Your UI should now look like the following screenshot.
Now you have created an Atlassian account and Jira project.
For example purposes, we created a few tasks within the Jira console. We will come back to these later.
Create an Amazon Q application
You are now ready to create an Amazon Q application:
- Sign in to your AWS account on the AWS Management Console and set your preferred AWS Region.
- Open the Amazon Q console.
- If you haven’t already, complete the steps to connect to AWS IAM Identity Center, creating either an organization instance or account instance.
After you have completed your configuration of IAM Identity Center and connected it within Amazon Q, you should see the following success message on the Amazon Q console.
- On the Amazon Q Business console, choose Applications in the navigation pane, then choose Create an application.
- For Application name, enter a name (for example,
QforITTeams). - Leave the remaining options as default and choose Next.
- You have the choice of selecting an existing Amazon Kendra retriever or using the Amazon Q native retriever. For more information on the retriever options, see Creating an index for an Amazon Q Business application. For this post, we use the native retriever.
- Keep the other default options and choose Next.
Amazon Q offers a suite of default data sources for you to choose from, including Amazon S3, Amazon Relational Database Service (Amazon RDS), Slack, Salesforce, Confluence, code repositories in GitHub, on-premises stores (such as IBM DB2), and more. For our sample set up, we are using sample AWS Well-Architected documentation, for which we can use a web crawler. We also want to use some sample runbooks (we have already generated and uploaded these to an S3 bucket).
Let’s set up our Amazon S3 data source first.
- For Add a data source, choose Amazon S3.
- Under Name and description, enter a name and description.
- Complete the steps to add your Amazon S3 data source. For our use case, we create a new AWS Identity and Access Management (IAM) service role according to the AWS recommendations for standard use cases. AWS will automatically propagate the role for us following the principle of least privilege.
- After you add the data source, run the sync by choosing Sync now.
Wait 5–10 minutes for your data to finish syncing to Amazon Q.
Now let’s add our web crawler and link to some AWS Well-Architected documentation.
- Add a second data source and choose Web crawlers.
- Under Source, select Source URLs and enter the source URLs you want to crawl.
For this use case, we entered some links to public AWS documentation; you have the option to configure authentication and a web proxy in order to crawl intranet documents as well.
- After you create the data source, choose Sync now to run the sync.
Add an IAM Identity Center user
While our data sources are busy syncing, let’s create an IAM Identity Center user for us to test the Amazon Q Business application web experience:
- On the Amazon Q Business console, navigate to your application.
- Under Groups and users, choose Manage access and subscriptions, and choose Add groups and users.
- Select Add new users and choose Next.
- After you create the user, you can add it by choosing Assign existing users and groups and searching for the user by first name.
- After you add the user, you can edit their subscription access. We upgrade our user’s access to Q Business Pro for our testing.
Deploy the web experience
After the data sources have completed their sync, you can move to the testing stage to confirm things are working so far:
- On the Amazon Q Business console, choose Applications in the navigation pane.
- Select your application and choose Deploy web experience.
- On the application details page, choose Customize web experience.
- Customize the title, subtitle, and welcome message as needed, then choose Save.
- Choose View web experience.
Let’s test some prompts on the data that our Amazon Q application has seen.
First, let’s ask some questions around the provided runbooks stored in our S3 bucket that we previously added as a data source to our application. In the following example, we ask about information for restarting an Amazon Elastic Compute Cloud (Amazon EC2) instance.
As shown in the following screenshot, Amazon Q has not only answered our question, but it also cited its source for us, providing a link to the .txt file that contains the runbook for Restarting an EC2 Instance.
Let’s ask a question about the Well-Architected webpages that we crawled. For this query, we can ask if there is a tool we can use to improve our AWS architecture. The following screenshot shows the reply.
Set up Jira as a data source
In this section, we set up Jira as a data source for our Amazon Q application. This will allow Amazon Q to search data in Jira. For instructions, see Connecting Jira to Amazon Q Business.
After you have set up Jira as a data source, test out your Amazon Q Business application. Go to the web experience chat interface URL and ask it about one of your Jira tickets. The following screenshot shows an example.
Set up a Jira plugin
What if you encounter a situation where your user, an IT support professional, can’t find the solution with the provided internal documents and runbooks that Amazon Q has been trained on? Your next step might be to open a ticket in Jira. Let’s add a plugin for Jira that allows you to submit a Jira ticket through the Amazon Q chat interface. For more details, see Configuring a Jira Cloud plugin for Amazon Q Business. In the previous section, we added Jira as a data source, allowing Amazon Q to search data contained in Jira. By adding Jira as a plugin, we will allow Amazon Q to perform actions within Jira.
Complete the following steps to add the Jira plugin:
- On the Amazon Q Business console, navigate to your application.
- Choose Plugins in the navigation pane.
- Choose Add plugin.
- For Plugin name, enter a name.
- For Domain URL, enter
https://api.atlassian.com/ex/jira/yourInstanceID, where the value ofyourInstanceIDis the value athttps://my-site-name.atlassian.net/_edge/tenant_info. - For OAuth2.0, select Create a new secret, and enter your Jira client ID and client secret.
If you require assistance retrieving these values, refer to the prerequisites.
- Complete creating your plugin.
After you have created the plugin, return to the application web experience to try it out. The first time you use the Jira plugin within the Amazon Q chat interface, you might be asked to authorize access. The request will look similar to the following screenshots.
After you provide Amazon Q authorization to access Jira, you’re ready to test out the plugin.
First, let’s ask Amazon Q to create some draft text for our ticket.
Next, we ask Amazon Q to use this context to create a task in Jira. This is where we use the plugin. Choose the options menu (three dots) next to the chat window and choose the Jira plugin.
Ask it to generate a Jira task. Amazon Q will automatically recognize the conversation and input its data within the Jira ticket template for you, as shown in the following screenshot. You can customize the fields as needed and choose Submit.
You should receive a response similar to the following screenshot.
Amazon Q has created a new task for us in Jira. We can confirm that by viewing our Jira console. There is a task for updating the IT runbooks to meet disaster recovery objectives.
If we open that task, we can confirm that the information provided matches the information we passed to the Jira plugin.
Now, let’s test out retrieving an existing ticket and modifying it. In the following screenshot, Amazon Q is able to search through our Jira Issues and correctly identify the exact task we were referring to.
We can ask Amazon Q about some possible actions we can take.
Let’s ask Amazon Q to move the task to the “In Progress” stage.
The following screenshot shows the updated view of our Jira tasks on the Jira console. The ticket for debugging the Amazon DynamoDB application has been moved to the In Progress stage.
Now, suppose we wanted to view more information for this task. We can simply ask Amazon Q. This saves us the trouble of having to navigate our way around the Jira UI.
Amazon Q is even able to extract metadata about the ticket, such as last-updated timestamps, its creator, and other components.
You can also delete tasks in Jira using the Amazon Q chat interface. The following is an example of deleting the DynamoDB ticket. You will be prompted to confirm the task ID (key). The task will be deleted after you confirm.
Now, if we view our Jira console, the corresponding task is gone.
Clean up
To clean up the resources that you have provisioned, complete the following steps:
- Empty and delete any S3 buckets you created.
- Downgrade your IAM Identity Center user subscription to Amazon Q.
- Delete any Amazon Q related resources, including your Amazon Q Business application.
- Delete any additional services or storage provisioned during your tests.
Conclusion
In this post, we configured IAM Identity Center for Amazon Q and created an Amazon Q application with connectors to Amazon S3, web crawlers, and Jira. We then customized our Amazon Q application for a use case targeting IT specialists, and we sent some test prompts to review our runbooks for issue resolution as well as to get answers to questions regarding AWS Well-Architected practices. We also added a plugin for Jira so that IT support teams can create Jira issues and tickets automatically with Amazon Q, taking into account the full context of our conversation.
Try out Amazon Q Business for your own use case, and share your feedback in the comments. For more information about using Amazon Q Business with Jira, see Improve the productivity of your customer support and project management teams using Amazon Q Business and Atlassian Jira.
About the Authors
Dylan Martin is a Solutions Architect (SA) at Amazon Web Services based in the Seattle area. Dylan specializes in developing Generative AI solutions for new service and feature launches. Outside of work, Dylan enjoys motorcycling and studying languages.
Ankit Patel is a Solutions Developer at AWS based in the NYC area. As part of the Prototyping and Customer Engineering (PACE) team, he helps customers bring their innovative ideas to life by rapid prototyping; using the AWS platform to build, orchestrate, and manage custom applications.
