Important: We've redesigned the Amazon QuickSight analysis workspace. You might encounter screenshots or procedural text that doesn't reflect the new look in the QuickSight console. We're in the process of updating screenshots and procedural text.
To find a feature or item, use the Quick search bar.
For more information on QuickSight's new look, see Introducing new analysis experience on Amazon QuickSight
Encryption at rest
Amazon QuickSight securely stores your Amazon QuickSight metadata. This includes the following:
-
Amazon QuickSight user data, including Amazon QuickSight user names, email addresses, and passwords. Amazon QuickSight administrators can view user names and emails, but each user's password is completely private to each user.
-
Minimal data necessary to coordinate user identification with your Microsoft Active Directory or identity federation implementation (Federated Single Sign-On (IAM Identity Center) through Security Assertion Markup Language 2.0 (SAML 2.0)).
-
Data source connection data
-
Names of your uploaded files, data source names, and data set names.
-
Statistics that Amazon QuickSight uses to populate machine learning (ML) insights
Amazon QuickSight securely stores your Amazon QuickSight data. This includes the following:
-
Data-at-rest in SPICE is encrypted using hardware block-level encryption with AWS-managed keys.
-
Data-at-rest other than SPICE is encrypted using Amazon-managed KMS keys. This includes the following:
-
Email reports, Sample value for filters, Query result cache.
-
When you delete a user, all of that user's metadata is permanently deleted. If you don't transfer that user's Amazon QuickSight objects to another user, all of the deleted user's Amazon QuickSight objects (data sources, datasets, analyses, and so on) are also deleted. When you unsubscribe from Amazon QuickSight, all metadata and any data you have in SPICE is completely and permanently deleted.
