With Quick Sight federated identity using Azure AD, what is the effective Quick Sight permissions when a user is a member of multiple Azure AD groups, ie. QuickSigh-Admin and Quick Sight-Reader. My test showed that the user has the lesser authorization level, but this might be specific to my environment and I want to understand the expected behaviour.
Hi @justiono_putro - can you please clarify if the following “when a user is a member of multiple Azure AD groups, ie. QuickSigh-Admin and Quick Sight-Reader”? Do you want the same user to be part of QuickSigh-Admin as well as Quick Sight-Reader group? If so, what is the use case?
BTW, you may have seen the following blog: Enable federation to Amazon Quick Sight with automatic provisioning of users between AWS IAM Identity Center and Microsoft Azure AD
1 Like