Important: We've redesigned the Amazon QuickSight analysis workspace. You might encounter screenshots or procedural text that doesn't reflect the new look in the QuickSight console. We're in the process of updating screenshots and procedural text.
To find a feature or item, use the Quick search bar.
For more information on QuickSight's new look, see Introducing new analysis experience on Amazon QuickSight
Configure your Amazon QuickSight account with IAM Identity Center
| Applies to: Enterprise Edition |
| Intended audience: System administrators |
IAM Identity Center helps you securely create or configure your existing workforce identities and manage their access across AWS accounts and applications. IAM Identity Center is the recommended approach for workforce authentication and authorization on AWS for organizations of any size and type. To learn more about IAM Identity Center, see AWS IAM Identity Center
Configure QuickSight and IAM Identity Center so that you can sign up for a new QuickSight account with an IAM Identity Center configured identity source. With IAM Identity Center, you can configure your external identity provider as an identity source. You can also use IAM Identity Center as an identity store if you don't want to use a third-party identity provider with QuickSight. Identity methods can't be changed after your account is created.
When you integrate your QuickSight account with IAM Identity Center, QuickSight account administrators can create a new QuickSight account that automatically has the identity provider's groups available. This simplifies asset sharing at scale in Amazon QuickSight.
Access to some sections of the QuickSight administration console is restricted by IAM permissions. The following table summarizes the admin actions that you can perform in QuickSight based on the access type that you choose.
To learn more how to sign up for an Amazon QuickSight account with IAM Identity Center, see Signing up for an Amazon QuickSight subscription.
| Admin action | IAM permissions | QuickSight admin role permissions |
|---|---|---|
|
Manage assets |
Yes |
|
|
Security & permissions |
Yes |
|
|
Manage VPC connections |
Yes |
|
|
KMS keys |
Yes |
|
|
Account settings |
Yes |
|
|
Account customization |
Yes |
|
|
Manage users |
Yes |
|
|
Your subscriptions |
Yes |
|
|
Mobile settings |
Yes |
|
|
Domains and embedding |
Yes |
|
|
SPICE capacity |
Yes |
Custom permissions are not supported with QuickSight accounts that are integrated with IAM Identity Center.
The Amazon QuickSight mobile app is not supported with QuickSight accounts that are integrated with IAM Identity Center.
