Important: We've redesigned the Amazon QuickSight analysis workspace. You might encounter screenshots or procedural text that doesn't reflect the new look in the QuickSight console. We're in the process of updating screenshots and procedural text.
To find a feature or item, use the Quick search bar.
For more information on QuickSight's new look, see Introducing new analysis experience on Amazon QuickSight
Directory integration with Amazon QuickSight Enterprise edition
Applies to: Enterprise Edition |
Intended audience: System administrators |
Note
IAM identity federation doesn't support syncing identity provider groups with Amazon QuickSight.
Amazon QuickSight Enterprise supports the following options:
-
AWS Directory Service
-
AWS Directory Service with AD Connector
-
On-premises Active Directory with IAM federation or AD Connector
-
IAM federation using AWS IAM Identity Center or another third-party federation service
If you want to use IAM federation with an on-premises Active Directory, you implement AWS Directory Service as a separate Active Directory with a trust relationship to the on-premises Active Directory.
If you want to avoid using a trust relationship, you can deploy a standalone domain for authentication within AWS. Then you can create users and groups in Active Directory. You'd then map them to users and groups in Amazon QuickSight. In this example, users authenticate using their Active Directory login credentials. To make access to Amazon QuickSight transparent to your users, use IAM federation in this scenario.