How to add SSO federated users from Google Workspace to QuickSight Groups?

Hey everyone,

I was able to successfully set up Google SSO to federate user access to QuickSight. However is it possible to automatically add users to groups so they have access to the necessary shared folders when they sign in for the first time?

Hello there,

You would need to add users to the desired groups once both group and user exist. this could be done via console of API.

For more info - Creating and managing groups in Amazon QuickSight - Amazon QuickSight

by default user will not have any access to assets unless its granted and its by design to avoid any unnecessary exposure to data. you may say it as least privileges imho.

Hope this helps.

Thanks Deep that’s what I suspected. I’m wondering if I can write a python script to automate this via a CRON job.

  1. User added to Google group,
  2. CRON job runs on schedule,
  3. Members of Google group added to csv,
  4. Users in csv added to groups in QuickSight.

Basically what I’m trying to do is when a new user is added to our team, I want to provision access to QuickSight and their relevant assets automatically using a shared folder structure. Do you have another recommended approach for this use case?

Hello there,

Honestly, i do not have any additional recommendation on this. I am not familiar with the scripting approach but If you intend try with python script as mentioned, please do so there is no harm and if it works, do share with us as well so that other community members can also benefit from it.

Good luck !

1 Like