Directory integration with Amazon QuickSight Enterprise edition - Amazon QuickSight
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Directory integration with Amazon QuickSight Enterprise edition

 Applies to: Enterprise Edition 
   Intended audience: System administrators 
Note

IAM identity federation doesn't support syncing identity provider groups with Amazon QuickSight.

Amazon QuickSight Enterprise supports the following options:

  • Amazon Directory Service

  • Amazon Directory Service with AD Connector

  • On-premises Active Directory with IAM federation or AD Connector

  • IAM federation using Amazon IAM Identity Center or another third-party federation service

If you want to use IAM federation with an on-premises Active Directory, you implement Amazon Directory Service as a separate Active Directory with a trust relationship to the on-premises Active Directory.

If you want to avoid using a trust relationship, you can deploy a standalone domain for authentication within Amazon. Then you can create users and groups in Active Directory. You'd then map them to users and groups in Amazon QuickSight. In this example, users authenticate using their Active Directory login credentials. To make access to Amazon QuickSight transparent to your users, use IAM federation in this scenario.

Topics