Integrating AWS Managed Microsoft AD with QuickSight

Amazon QuickSight provides a secure platform that enables you to distribute dashboards and insights to tens of thousands of users, with multiple-region availability and built-in redundancy.
QuickSight enables you to manage your users and content using a comprehensive set of security features. These include role-based access control, Microsoft Active Directory integration and single sign-on using AWS Identity and Access Management (IAM) etc.

  1. SIgn up for “Quicksight Standard/Enterprise/Enterprise + Q” account and choose the Authentication Method as “Active Directory".

  2. Select the Directory and click on Activate. If the Directory is not setup, create the directory from “Directory Services” in AWS.

Steps to create new Active Directory:
a. Select directory type as “AWS Managed Microsoft AD”.
b. Select the type of Edition(Standard/Enterprise) and setup the Directory DNS name and Admin password.

c. Choose VPC and subnets
**NOTE:**We need atleast 2 subnets in different AZ under the VPC when creating new Directory. If you do not have a VPC with at least two subnets, you must create one.

d. Review the details and create the AWS Managed Microsoft AD

NOTE: Directory Creation will take around 30mins to complete.

  1. Once Directory is active, choose the appropriate directory to Authorize and click on Finish.

    Our Quicksight Account is now setup with AWS Managed Microsoft AD

  2. Once the Quicksight account is setup with Active Directory, login to the EC2 instance and navigate to the “Active Directory Users and Computers” to create users/groups.

NOTE: The groups “admin-qs”, “author-qs” and “reader-qs” are created here along with users “Cena”, “John” and “Undertaker”.

  1. Map the groups(reader-qs, author-qs, admin-qs) created in Active Directory to QS under “Manage Users”.

    NOTE: Only Administrator will have the permission to manage users.