AWS Quicksight Access - via Amazon Active Directory AND IAM Roles

0

We are looking to expand services via AWS Quicksight, our use case would include Amazon subsidiary users who can be both in Amazon network and not. My question is it possible to setup new AWS accounts to allow BOTH Active Directory (for in network users) and unique IAM roles (for subsidiary/off-network users)? If not what are the options to allow this type of access using SSO where possible.

3回答
0

Hello, Thank you for your question. Yes it is possible to set both active directory and IAM roles within an AWS account. You can assign Active directory users and groups to IAM roles and grant permissions to these roles. You can also use Quicksight with IAM.

Here are the links with more information about Active directory: https://aws.amazon.com/blogs/security/introducing-aws-directory-service-for-microsoft-active-directory-standard-edition/ https://docs.aws.amazon.com/quicksight/latest/user/external-identity-providers.html

Here's the link if you need further assistance using Quicksight with IAM policies and roles: https://docs.aws.amazon.com/quicksight/latest/user/security_iam_service-with-iam.html

Josie_K
回答済み 2年前
0

Hello, I have the same concern, only what would happen if I have my quicksight configured by SSO and I want to enter the mobile application with IAM users or the quicksight console by IAM users without being redirected to SSO?

hcantos
回答済み 1年前
0

No you cannot configure a single QuickSight account to use both AD and IAM users. If you use AD it is all or nothing. If you use IAM you can federate users from multiple Identity Providers though (some internal some external for instance).

回答済み 1年前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ