Authentication and authorization

Hi, I have a scenario where we need to create multiple dashboards and make them available to our customer, customers will have specific logins to access data that is specific to their domain / data. We intend to charge the customers a yearly subscription.

Just wanted to check what are the different types of roles and authorizations that can be set and how we could add an entitlement for validating the subscription to enable or disable it as deemed necessary.


There are different types of roles:

  1. Readers: those that can only read data
  2. Authors: those that create dashboards
  3. Admins: those that can create dashboards and manage users.

Admins and Authors are priced the same. And here is a breakdown for Readers vs Authors.

You’ll also want to understand how to interact with how you are storing user information such as subscriptions. If you are using Cognito for user management here is something to look into.

From there ^ you can connect Athena to QuickSight which will allow you to do Row Level Security.

You’ll want to look into Row Level Security to lock down who has access to what data.

In regards to who has access to what dashboards that will probably be handled on the front end. Although you could use groups in QuickSight to give people access to certain dashboards.

Hope these resources help

Hi @Clyde_Arnold, did Max’s solution work for you? I am marking his reply as, “Solution,” but let us know if this is not resolved. Thanks for posting your questions on the QuickSight Community Q&A Forum!