Inter-network Traffic Privacy in Amazon QuickSight - Amazon QuickSight

Inter-network Traffic Privacy in Amazon QuickSight

To use Amazon QuickSight, users need access to the internet. They also need access to a compatible browser or a mobile device with the Amazon QuickSight mobile app installed. They don't need access to the data sources they want to analyze. This access is handled inside Amazon QuickSight. User connections to Amazon QuickSight are protected through the use of SSL. So that users can access Amazon QuickSight, allow access to HTTPS and WebSockets Secure (wss://) protocol.

You can use a Microsoft AD connector and single sign-on (SSO) in a corporate network environment. You can further restrict access through the identity provider. Optionally, you can also use MFA.

Amazon QuickSight accesses data sources by using connection information supplied by the data source owner in Amazon QuickSight. Connections are protected both between Amazon QuickSight and on-premises applications and between Amazon QuickSight and other AWS resources within the same AWS Region. For connections to any source, the data source must allow connections from Amazon QuickSight.

Traffic Between Service and On-Premises Clients and Applications

You have two connectivity options between your private network and AWS:

If you are using AWS API operations to interact with Amazon QuickSight through the network, clients must support Transport Layer Security (TLS) 1.0. We recommend TLS 1.2. Clients must also support cipher suites with Perfect Forward Secrecy (PFS), such as Ephemeral Diffie-Hellman (DHE) or Elliptic Curve Diffie-Hellman Ephemeral (ECDHE). Most modern systems such as Java 7 and later support these modes.