With QuickSight federated identity using Azure AD, what is the effective QuickSight permissions when a user is a member of multiple Azure AD groups, ie. QuickSigh-Admin and QuickSight-Reader. My test showed that the user has the lesser authorization level, but this might be specific to my environment and I want to understand the expected behaviour.
Hi @justiono_putro - can you please clarify if the following “when a user is a member of multiple Azure AD groups, ie. QuickSigh-Admin and QuickSight-Reader”? Do you want the same user to be part of QuickSigh-Admin as well as QuickSight-Reader group? If so, what is the use case?
BTW, you may have seen the following blog: Enable federation to Amazon QuickSight with automatic provisioning of users between AWS IAM Identity Center and Microsoft Azure AD