Streamline employee training with an intelligent chatbot powered by Amazon Q Business

Amazon Q Business is a generative AI-powered assistant for interacting with organizational knowledge and enterprise systems. In addition to providing built-in connectors and plug-ins to connect seamlessly to over 40 popular enterprise systems, Amazon Q Business provides the ability to interact seamlessly with other third-party applications using custom plugins. Some of the enterprise systems that use Amazon Q Business include Salesforce, Zendesk, Confluence, Jira, ServiceNow, and Microsoft SharePoint. With custom plugins, you can integrate Amazon Q Business with various enterprise systems such as ticketing systems, email services, and other business applications, thus facilitating the creation of a comprehensive enterprise solutions. In this post, we explore how to design and implement custom plugins for Amazon Q Business, showcasing practical examples of integrating with common enterprise systems while helping to ensure secure access through Amazon Cognito authentication.

Solution overview

We will build an Amazon Q Business application serving as an intelligent chatbot that facilitates new employee training by retrieving answers from the provided training materials. The solution implements secure API access using Amazon Cognito for user authentication and authorization, helping to ensure that only authorized users can access the system. It can process documents in multiple formats including PDF, DOC, DOCX, and TXT with a maximum file size of 50 MB per document and can index up to 100,000 documents. The chatbot effectively answers the questions posed by new employees by using Retrieval Augmented Generation (RAG) techniques to enhance its response capabilities. If the chatbot can’t locate the requested information, it presents a dynamic option to the user to submit an email directly to the training support team through the chatbot using the custom plugins for Amazon Q Business. We include an AWS CloudFormation template for deployment and management of our solution.

The following illustration shows how Amazon Q Business delivers training content using RAG techniques, stores materials in Amazon Simple Storage Service (Amazon S3), processes requests through AWS Lambda functions, and enables user escalations through a custom plugin. CloudFormation automates the deployment of these integrated services, as shown in the following figure.

Features and benefits

The solution provides three key capabilities that work together to create an efficient and user-friendly training support system. These features help organizations reduce support overhead while making sure users can get the help they need. The solution’s intelligent query handling uses RAG techniques to process user questions accurately and provide context-aware responses from indexed training materials. This capability reduces the burden on human trainers by enabling employees to find answers up to 10 times faster than traditional search methods. According to AWS case studies, organizations implementing Amazon Q Business have seen significant efficiency gains: support tickets have decreased by up to 30% through enhanced self-service capabilities, while employees save an average of 20–30 hours per month on document search and summarization tasks. The system has demonstrated the ability to handle up to 80% of routine, repetitive questions automatically, leading to 50% faster onboarding and training processes through automated knowledge access. When users need additional support, they can use the dynamic email escalation feature to contact the training team directly with a single click. This seamless integration maintains a smooth user experience while making sure complex or specialized queries receive prompt attention from subject matter experts. Organizations can typically implement this solution within 2–3 business days using a pre-configured CloudFormation template, which will minimize deployment effort and technical overhead. The architecture uses the elastic infrastructure of AWS to scale automatically, supporting enterprise-wide deployments through its ability to process and index millions of documents across multiple data sources. The solution scales according to AWS service quotas, with specific limits on knowledge bases (100,000 documents each), applications (10 per account), and concurrent users (based on your AWS account’s service quotas). The infrastructure automatically adjusts resources based on query volume and user demand, facilitating consistent performance even during peak usage periods.

Deployment Steps

Use the following steps to set up your training chatbot solution. You will configure email notifications using Amazon Simple Email Service (Amazon SES), create an S3 bucket for training materials, deploy two CloudFormation templates, and set up user access for the Amazon Q Business chatbot.

Prerequisites

Download the files needed from the S3 bucket:

• Amazon Q Business application template
• Email plugin schema
• Mock training materials

Enable AWS IAM Identity Center:

1. Go to the AWS Management Console and go to AWS IAM Identity Center.
2. Choose Enable IAM Identity Center.
3. Wait a few minutes for the service to be enabled.
   

Step 1: Configure the customer service email address on Amazon SES

The following steps add the email IDs that will be used to send and receive emails through the custom plugin and Amazon SES.

1. Open the Amazon SES console.
2. Choose Configuration and then Identities on the left navigation pane.
3. Choose Create identity to add an identity.
4. Select Email address as the identity type.
5. Enter the email address you want to use.
6. Choose Create identity to submit the request.
   

7. Confirm the email address by following the link on the email Amazon SES sends you and then your identity will be confirmed (you should receive the email in about 2 minutes).

Step 2: Create an S3 bucket with your training materials in it

The following steps create the S3 bucket that will act as a data source for the Amazon Q Business application.

1. Open the Amazon S3 console.
2. Choose Create bucket.
3. Enter a unique bucket name (for example, company-training-materials-2025).
4. Upload your training materials into this bucket.
   • Mock training data was part of the material downloaded in the prerequisites.

Step 3: Deploy the first AWS CloudFormation stack – Qbusiness-application.yaml

The CloudFormation template will create the necessary resources for deploying the application with the custom plugin.

1. In your AWS account, open the CloudFormation console.
2. Choose Create stack and With new resources (standard) to start.
3. Select Choose an existing template and Upload a template file and upload Qbusiness-application.yaml.
4. Fill in the required parameters (for example: Amazon Cognito details, S3BucketName, SESSourceEmail, IdcInstanceArn).
   1. You can keep the default names for the roles.
   2. CognitoUserEmail should be the email address associated with a user’s account within an Amazon user pool.
   3. CognitoUserPassword is a temporary password associated with the preceding CognitoUserEmail. Add temporary password.
   4. S3BucketName should be the bucket that has the training and data source materials in it that you created in Step 2 (for example company-training-materials-2025).
   5. SESSourceEmail should be the email that serves as the customer service email address that users can reach out to for further assistance (the same address that you verified in Step 1).
   6. IdcInstanceArn is the Amazon Resource Name (ARN) of your IAM Identity Center instance. To find your IdcInstanceArn:
      1. Navigate to IAM Identity Center console.
      2. Choose Go to Settings on the left-hand side.
      3. Example: arn:aws:sso:::instance/ssoins-722339a1b72acd7b.
5. Choose Next, leave the settings on the next page at the default values.
6. Select the I acknowledge that AWS CloudFormation might create IAM resources with custom names check box, choose Next and then choose Submit to start the creation of the stack.
7. Wait until the stack status is CREATE_COMPLETE.
8. Navigate to the Outputs tab on the stack and copy the ApiEndpoint, CognitoAuthorizationUrl and CognitoTokenUrl to your clipboard.
   
   

Step 4: Prepare the custom plugin schema

The following steps help edit the API schema, which has the necessary paths and responses, to call the custom plugin.

1. Download the email-plugin.yaml file and open it in an editor.
2. In the beginning of the YAML file, paste the API endpoint URL you copied in the previous step prior where it says Enter ApiEndpoint. Make sure to remove the backslash at the end of the URL.
   

3. Paste the CognitoAuthorizationURL and CognitoTokenUrl from the previous step where it says to enter the URLs, as shown in the previous image.
   

4. Save this YAML file.

Step 5: Set up the custom plugin

1. Navigate to the Amazon Q Business console and choose Actions and then Plugins navigation pane.
2. Choose Add Plugin and then +Create custom plugin.
3. Enter a name and description for your plugin.
4. Under API Schema, select Define with in-line OpenAPI schema editor and paste the edited email plugin YAML file with the new URLs in the text box.
   1. Make sure the YAML | JSON toggle is set to YAML.
5. Under Authentication, select Authentication required.
6. Under AWS Secrets Manager secret select Create and add new secret.
   1. Enter a name for your secret.
   2. Enter a short description (for example : Custom email plugin for Amazon Q Business application)
   3. To populate the other details, navigate to the Amazon Cognito console and select your created user pool.
      1. Under Recommendations / Set up your app, choose EmailSenderPoolClient
      2. Copy Client ID and Client secret into the QBusiness custom plugin screen.
         
      3. For the OAuth callback URL, copy the Amazon Q Business web application deployed URL and add /oauth/callback. For example: https://xxxxxx.chat.qbusiness.us-east-1.on.aws/oauth/callback
         
      4. Save this URL for a later step.
7. Select Create and use a new service role for authorization.
8. Choose Add plugin.

Step 6: Add a callback URL to Amazon Cognito

The following steps help ensure that the callback URL is configured correctly. The callback URL is a user-configured URL where your application receives the authorization code after a user successfully signs in or signs out through the Amazon Cognito hosted UI.

1. Navigate to the Amazon Cognito console.
2. Choose App clients under Applications in the navigation pane.
3. Choose your app client.
4. Choose the Login pages tab.
   

5. Choose Edit under the Managed login pages configuration.
6. Paste the OAuth callback URL you saved from the previous step under Allowed Callback URLs.
   1. Example: https://xxxxxx.chat.qbusiness.us-east-1.on.aws/oauth/callback
7. Choose Save changes.
   

Step 7: Sync data source

The following steps are to make sure that the data source has the most recent updates

1. Navigate to the Amazon Q Business console.
2. Find your application (should be named qbusiness-example-app).
3. Select your application and go to the Data sources section in the navigation pane.
4. Select your data source and initiate a sync by choosing Sync now to index the uploaded documents.
   

5. Sync history should show a status of completed.
   

Step 8: Set up user access for the Amazon Q Business chatbot

The following steps allow users to be added to access the chatbot

1. Navigate back to the application in the Amazon Q Business console.
2. Choose Manage User Access.
   

3. Choose Add Groups or Users.
4. If you already have an existing user you want to give access to, choose Assign existing users and groups.
   1. Start entering the user’s name and Assign an existing user.
5. To add a new user, choose Add and Assign New Users.
   1. Choose Add and then Assign and then choose Confirm.
      1. Each user should get an email asking them to accept the invitation.
      2. After they choose Accept Invitation, they will be taken to a page to set up their password. They will use this username and password to sign in to the chatbot.
         

Step 9: Query the chatbot

The following steps walk you through how to best use the application.

1. Navigate to the application on the Amazon Q Business console again.
2. Select the Deployed URL.
   

3. Sign in using the username and password set in the previous step. Follow the steps in the console to register a built-in authenticator.
4. You can now:
   1. Query the chatbot about your training materials. For example, ask it: Tell me about my dental insurance.
   2. Request to send emails through the chatbot. Make sure to choose the custom plugin button to use this functionality.
      1. Example: Can you send an email asking for more information about my dental insurance?
      2. If asked for your email ID, enter the email ID that you verified in previous steps.
      3. The application will ask you to authorize your access. Choose Authorize.
         
5. Enter your CognitoUserEmail and password defined in Step 3 in the window and choose Sign in.
   
6. Emails will be sent to the email address verified in Step 1.

Troubleshooting

The following issues might occur during deployment or usage of your chatbot solution. Use these solutions to resolve common problems.

Data sync failures typically result from incorrect S3 bucket permissions. Check your bucket policy and access settings to facilitate proper configuration.

• User access issues often occur when invitations aren’t accepted or passwords aren’t set up. Verify that users have completed both steps in the access setup process.
• When the bot provides incomplete answers, try refreshing your content by initiating a new data source sync in the Amazon Q Business console.
• Amazon Cognito authorization issues can occur in the Q Business console – to mitigate them:
• Make sure that the callback URL matches your Q Business deployed URL
• The callback URL in the managed sign in pages configuration matches your Q Business deployed URL as seen in Step 6.
• Your Amazon Cognito URLs are copied into the email-plugin.yaml correctly from the CloudFormation outputs.
• Email delivery problems usually stem from email configuration. Verify that:
• The Custom Plugin button shows an active (blue) status.
• Your Amazon SES email address is verified.
• You’re using the correct email address in your configuration.

The BlueprintRole section is currently commented out because this is a proof-of-concept deployment. When deploying to production environments, especially those involving multiple AWS accounts or organizations, you should uncomment this section. The BlueprintRole provides necessary permissions for cross-account access and advanced management features of Amazon Q Business applications.

Service versions

AWS Lambda runtime: Python 3.11

Regional availability

Before deploying this solution, note that Amazon Q Business is not available in all AWS Regions. This solution can only be deployed in Regions where Amazon Q Business is supported. For the most up-to-date information on Regional availability, check the AWS Regional Services list.

Real-world use case

Amazon Q Business is transforming how businesses handle internal knowledge management and support. By securely connecting to company data sources and systems, Amazon Q Business helps organizations make their institutional knowledge more accessible and actionable. Here are two real-world examples demonstrating how Amazon Q Business enhances workplace productivity and knowledge sharing using the custom plugin feature.

Scenario 1: New employee Sarah uses a chatbot to learn about the organization’s leave policy. The chatbot efficiently retrieves relevant information from indexed training materials to answer her initial question. When Sarah later asks a specific question beyond the scope of the chatbot’s knowledge base, it promptly offers to connect her with the training support team through email. Sarah takes advantage of this option, making sure her complex query receives proper attention without delay. This interaction demonstrates the chatbot’s effectiveness in providing immediate access to information while maintaining appropriate escalation channels for questions requiring human expertise.

Scenario 2: Alex, a field technician at a manufacturing company, needs to complete an urgent maintenance procedure on specialized equipment while at a client site. He accesses the company’s Amazon Q-powered knowledge assistant.

• Alex asks, “How do I recalibrate the XB-2000 sensor array after firmware update?” The chatbot immediately retrieves the relevant technical documentation from indexed maintenance manuals and presents a step-by-step procedure with details.
• During the calibration, Alex encounters an unexpected error code not covered in the standard documentation. He uses the custom plugin to request immediate assistance, typing “I need help with error code E-457 on the XB-2000.” The chatbot offers to email the technical support team, including his location details and equipment specifications automatically gathered from his user profile.

This scenario demonstrates how the Amazon Q Business solution delivers critical technical knowledge in field situations while providing seamless escalation paths for edge cases that require specialized expertise, ultimately reducing equipment downtime and improving customer satisfaction.

Scenario 3: A global manufacturing company with more than 5,000 employees implements Amazon Q Business to streamline their equipment maintenance support system across multiple facilities. Maintenance teams use Amazon Q Business to access equipment documentation and when encountering situations requiring vendor support or parts ordering, they use the custom plugin’s email feature.

• Example interaction: A maintenance supervisor in Singapore enters “Need to escalate XB-2000 production line shutdown to vendor support team.”

The Amazon Q custom plugin automatically:

• Generates a structured email containing facility location, equipment history, and maintenance logs.
• Routes communications to vendor support, maintenance management, and procurement teams.

This implementation demonstrates how the custom plugin feature standardizes emergency communications across global facilities while making sure critical information is automatically included in escalations.

Clean up

To remove the solution, delete the CloudFormation stack you created to test this solution. This action will automatically deprovision associated AWS resources, including Lambda functions, S3 buckets, and Amazon OpenSearch Service domains set up by Amazon Q Business. This solution uses multiple AWS services with costs varying based on usage patterns. Amazon Q Business pricing is determined by the number of users and queries processed, with additional charges applying for custom plugin usage. Lambda costs are calculated based on the number of requests and compute time, though a free tier allowance of 1 million requests per month is available. Storage and data transfer costs will apply for Amazon S3, which hosts your training materials. Email communications through Amazon SES incur standard sending charges, though you can benefit from a free tier that includes 62,000 outbound messages per month. For detailed pricing information, we recommend consulting the official pricing pages for each service.

Conclusion

This intelligent chatbot solution harnesses the capabilities of Amazon Q to revolutionize employee training by providing instant access to organizational knowledge while maintaining human escalation paths for complex inquiries. Queries the system is designed to handle include multi-turn conversations requiring context from previous interactions, questions that need information synthesis across multiple documents, and technical troubleshooting scenarios requiring step-by-step guidance. By implementing this CloudFormation-automated deployment, organizations can significantly reduce support costs up to 85%, improve knowledge accessibility, and create a training environment that is designed to scale with their needs. It supports enterprise-wide deployments by integrating with your existing identity and access management systems, so you can quickly add or remove users and manage permissions at scale. As your organization expands, you can connect additional data sources such as Dropbox and Google Drive, making sure the system grows alongside your business needs.

This Amazon Q Business training solution is worth building because it dramatically reduces training support costs while providing employees with continuous access to accurate information. The automated deployment and seamless human escalation path make it an ideal solution for organizations looking to scale knowledge delivery without expanding support staff.

Empower your organization with this cutting-edge chatbot solution today and share your experiences and insights in the comments section below.

Explore more about Amazon Q Business capabilities in our comprehensive documentation or join our AWS Community forum to connect with others implementing similar solutions. Don’t forget to follow #AmazonQBusiness on social media to share your implementation journey!

---

About the authors

Neha Bhupatiraju is a Data and ML Engineer at AWS Professional Services. With expertise in data engineering and machine learning, she helps enterprise customers leverage both traditional data analytics and machine learning. She specializes in implementing intelligent chatbots, developing predictive analytics models and building generative AI applications.

Charishma Ravoori is a Data and ML Engineer at AWS Professional Services. Charishma works with AWS customers and partners to help them build solutions in predictive/data analytics, data engineering and generative AI using AWS services.

Ujwala Bitla is a Deep Learning Architect at AWS Generative AI Innovation Center, where she designs and delivers cutting-edge GenAI solutions for  customers across industries. With extensive experience in Data Science and Analysis, she specializes in Large Language Models, Retrieval-Augmented Generation (RAG), Agents and responsible AI implementation.

Raju Patil is a Senior Data Scientist in AWS Professional Services, where he builds and deploys AI/ML solutions to help AWS customers overcome business challenges. His work spans across various use cases, including Generative AI, Computer Vision, Time-Series Forecasting, and Predictive Analytics.