AWS Quicksight Admin Console Dashboard - Cloudtrail events do not contain usernames

Q&A
,
1

Hi there,

I am deploying the AWS Quicksight Admin Dashboard as per this guide here:

I have followed every step so far, and can see dashboard usage in Quicksight. The issue I’m facing now is that the Cloudtrail events for GetDashboard do not contain the username for the user performing the action, only the Identity Center user ID. Because of this, my dashboard is showing that every user is inactive and that “null” is the only user accessing any dashboards.

How do I get the dashboard to pull usernames correctly? The user identity block in Cloudtrail looks like this:

"userIdentity": {
"type": "IdentityCenterUser",
"accountId": "111111111111",
"onBehalfOf": {
"userId": "1111a111-1111-1111-11a1-11111a11a111",
"identityStoreArn": "arn:aws:identitystore::111111111111:identitystore/a-1a111a1aa1"
},
"credentialId": "AAAAAAaAAAaaAA1aaa11aAAaAAaaAAaAa1aaAA1AaA11aa-AA_aAAA1A11aAAaaAaaAAAAAAaA_aAAA1aaaaaa"
},
2

Hi @AnaRomanov

Welcome to the QuickSight community!

To pull readable usernames rather than GUIDs in your QuickSight Admin dashboard, please build a mapping table from Identity Center userId to username or email, and join this against CloudTrail logs before loading into QuickSight for reporting.

Please refer to the below documentation this might be helpful for you.