Is Federate Amazon Redshift access with Microsoft Azure AD single sign-on via a QuickSight Data Source possible?

We are an AWS AMS customer making use of SSO federation to access our private Redshift cluster (this blog describes the setup: Federate Amazon Redshift access with Microsoft Azure AD single sign-on | AWS Big Data Blog).

We do this to remove the need to create a username per user wishing to access our Redshift cluster.

Instead, they follow an online process of applying for access and then being granted access by the relevant stakeholder (this removes admin overhead).

The problem we have now is that QuickSight requires a username and a password in order to connect to Redshift as a data source.

This goes against our current access strategy and forces us back to the admin heavy process of creating a username and a password for every person that wants to access Redshift.

Is there no other way of creating a data source that connects to Redshift using SSO federation to access?

If that is not possible, is there not perhaps a way for us to create a data source connection once only and share that 1 connection to users to create many datasets from? At this stage we must enter a username and a password whenever we want to create a new dataset from the same Redshift data source. This removes the self-service capability of users needing to create new visualizations from datasets that do not exist yet (as they do not have a Redshift username and password).

Hi @fdebruyn You can create a single data source that everyone can use. You can then use a single username and password and a single user in Redshift.
You can create a new dataset from existing sources. In the Create a DataSet screen, you see ‘from new data sources’ option, and if you scroll down you see ‘from existing data sources’ option as well. Choose that option to re-use a data source for a new dataset.
To go one step further and stop people trying to create new data sources, you can use custom permissions to restrict what your authors can create.

Hi Steph, thanks for the feedback. We tested your suggested approach and can see the stored data source display at the bottom of the screen under the “FROM EXISTING DATA SOURCES” section when creating a new dataset.