Amazon QuickSight provides a secure platform that enables you to distribute dashboards and insights to tens of thousands of users, with multiple-region availability and built-in redundancy.
QuickSight enables you to manage your users and content using a comprehensive set of security features. These include role-based access control, Microsoft Active Directory integration and single sign-on using AWS Identity and Access Management (IAM) etc.
-
SIgn up for “Quicksight Standard/Enterprise/Enterprise + Q” account and choose the Authentication Method as “Active Directory".
-
Select the Directory and click on Activate. If the Directory is not setup, create the directory from “Directory Services” in AWS.
Steps to create new Active Directory:
a. Select directory type as “AWS Managed Microsoft AD”.
b. Select the type of Edition(Standard/Enterprise) and setup the Directory DNS name and Admin password.
c. Choose VPC and subnets
**NOTE:**We need atleast 2 subnets in different AZ under the VPC when creating new Directory. If you do not have a VPC with at least two subnets, you must create one.
d. Review the details and create the AWS Managed Microsoft AD
NOTE: Directory Creation will take around 30mins to complete.
-
Once Directory is active, choose the appropriate directory to Authorize and click on Finish.
Our Quicksight Account is now setup with AWS Managed Microsoft AD
-
Once the Quicksight account is setup with Active Directory, login to the EC2 instance and navigate to the “Active Directory Users and Computers” to create users/groups.
NOTE: The groups “admin-qs”, “author-qs” and “reader-qs” are created here along with users “Cena”, “John” and “Undertaker”.
- Map the groups(reader-qs, author-qs, admin-qs) created in Active Directory to QS under “Manage Users”.
NOTE: Only Administrator will have the permission to manage users.