AWS Quicksight Admin Console Dashboard - Cloudtrail events do not contain usernames

Q&A
1

Hi there,

I am deploying the AWS Quicksight Admin Dashboard as per this guide here:

I have followed every step so far, and can see dashboard usage in Quicksight. The issue I’m facing now is that the Cloudtrail events for GetDashboard do not contain the username for the user performing the action, only the Identity Center user ID. Because of this, my dashboard is showing that every user is inactive and that “null” is the only user accessing any dashboards.

How do I get the dashboard to pull usernames correctly? The user identity block in Cloudtrail looks like this:

"userIdentity": {
"type": "IdentityCenterUser",
"accountId": "111111111111",
"onBehalfOf": {
"userId": "1111a111-1111-1111-11a1-11111a11a111",
"identityStoreArn": "arn:aws:identitystore::111111111111:identitystore/a-1a111a1aa1"
},
"credentialId": "AAAAAAaAAAaaAA1aaa11aAAaAAaaAAaAa1aaAA1AaA11aa-AA_aAAA1A11aAAaaAaaAAAAAAaA_aAAA1aaaaaa"
},
2

Hi @AnaRomanov

Welcome to the Quick Sight community!

To pull readable usernames rather than GUIDs in your Quick Sight Admin dashboard, please build a mapping table from Identity Center userId to username or email, and join this against CloudTrail logs before loading into Quick Sight for reporting.

Please refer to the below documentation this might be helpful for you.

3

Hi @AnaRomanov

Since we have not heard back from you, I’ll go ahead and close/archive this topic. However, if you have any additional questions, feel free to create a new topic in the community and link this discussion for relevant information.

Thank you!