SessionDurationAttribute does not work when signing in to QuickSight with SAML 2.0 federation

0

I signed in to QuickSight by POSTing a SAMLResponse with a SessionDurationAttribute. Then I closed the browser and waited for the set time. I accessed https://quicksight.aws.amazon.com in my browser again. I expected to see a session timeout message, but I got the QuickSight console screen. Are any other settings required?

HTTP request.

POST https://signin.aws.amazon.com/saml HTTP/1.1
Content-Type: application/x-www-form-urlencoded

SAMLResponse=PHNhbWxwOlJlc...&RelayState=https://quicksight.aws.amazon.com

Other information.

  • The max session duration for the role specified in RoleAttribute is 1 hour.
  • After closing the browser and the time set in the SessionDurationAttribute has passed, I went to the AWS Management Console. Then I got a session timeout message.
  • Accessing https://quicksight.aws.amazon.com 12 hours after closing the browser resulted in a session timeout message.
1 Answer
0

Hi!

I understand that you have a concern about the behavior you're experiencing with the SessionDurationAttribute when signing into QuickSight using SAML 2.0 federation.

Please kindly note that QuickSight uses the AWS sign-in page to federate users into QuickSight, and while the maximum session duration for a role can be set to 1 hour, the session duration for QuickSight is not bound by the AWS Management Console session. This means that once you have authenticated through the sign-in page and been federated into QuickSight, the QuickSight session can continue beyond the session duration specified for the AWS Management Console. AWS takes session security seriously, and after inactivity for a certain period, QuickSight prompts the user to either extend the session or sign out. If no action is taken on this prompt, then QuickSight automatically signs the user out.

In the case you're describing, when you're accessing QuickSight 12 hours after closing the browser, it's behaving as expected by presenting a session timeout message. If you want to ensure that you or other users are automatically signed out of QuickSight after a certain duration, regardless of activity, I would recommend considering a QuickSight session policy. QuickSight session policies can be used to define a maximum session duration for QuickSight users.

Please note that configuring a QuickSight session policy will impact all users (if you have more than one) in your AWS account, so please carefully review the settings before implementing the policy.

If you have any further questions or need assistance setting up a QuickSight session policy, don't hesitate to ask.

Best Regards,

Victor

https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session
https://docs.aws.amazon.com/quicksight/latest/user/security_iam_concepts.html

HDVALI
Answered 9 months ago
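When debugging a case like the one in the question, a first check is what the IdP actually put in the POSTed SAMLResponse. The following is an added example, not part of the question or the answer: it decodes a form-encoded body like the one shown above and reports the SessionDuration attribute. The attribute name and the 900 to 43200 second range are taken from AWS's SAML assertion documentation, and the helper names and the sample body are constructed for illustration.

```python
import base64
import urllib.parse
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
SESSION_DURATION = "https://aws.amazon.com/SAML/Attributes/SessionDuration"
MIN_SECONDS, MAX_SECONDS = 900, 43200  # range AWS documents for this attribute

def attributes_from_form_body(body):
    """Decode SAMLResponse from a form-encoded POST body into {name: [values]}."""
    # Diagnostic only: the signature is NOT verified; use on your own captures.
    field = urllib.parse.parse_qs(body)["SAMLResponse"][0]
    # An unescaped '+' in the body is decoded as a space; restore it.
    root = ET.fromstring(base64.b64decode(field.replace(" ", "+")))
    attrs = {}
    for attr in root.iterfind(".//saml:Attribute", NS):
        values = [(v.text or "").strip()
                  for v in attr.iterfind("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return attrs

def check_session_duration(attrs):
    """Return 'absent', 'malformed', 'out-of-range' or 'ok:<seconds>'."""
    values = attrs.get(SESSION_DURATION)
    if not values:
        return "absent"
    if len(values) != 1 or not (values[0].isascii() and values[0].isdigit()):
        return "malformed"
    seconds = int(values[0])
    if not MIN_SECONDS <= seconds <= MAX_SECONDS:
        return "out-of-range"
    return f"ok:{seconds}"

def build_sample_body(duration):
    """Constructed sample body; duration=None omits the attribute."""
    attr = "" if duration is None else (
        f'<saml:Attribute Name="{SESSION_DURATION}">'
        f"<saml:AttributeValue>{duration}</saml:AttributeValue></saml:Attribute>")
    xml = (f'<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
           f'xmlns:saml="{NS["saml"]}"><saml:Assertion><saml:AttributeStatement>'
           f"{attr}</saml:AttributeStatement></saml:Assertion></samlp:Response>")
    return urllib.parse.urlencode({
        "SAMLResponse": base64.b64encode(xml.encode()).decode(),
        "RelayState": "https://quicksight.aws.amazon.com"})

if __name__ == "__main__":
    print(check_session_duration(attributes_from_form_body(build_sample_body("1800"))))
```

A result of `absent`, `malformed` or `out-of-range` points at the IdP's attribute mapping rather than at QuickSight.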
