Reading encrypted data from S3/Redshift and Group tables/datasets by application


Can quicksight read encrypted data from S3 location/Redshift? and will be able to decrypt the encrypted data? If yes, should we take any extra steps from quicksight end?

If im bringing 200 tables per application into quicksight and i have 3 applications data. so if i have 600 tables. Is there a way i can group these tables/store these tables in a folder by application? The reason i ask is, some of the tables have Sensitive data and should only be accessed by Super users in an AD group who has permission to view sensitive data tables. So can we provide access to those app folders to the AD group?

Basically, I’m looking for something on power bi concept, where we have workspaces, i can load the tables into 1 report, create a data model, and publish, and i can give access to the AD group just for the workspace where my privacy tables are loaded.

Any help would be appreciated.

Hi @yesh,

Yes it is possible for QuickSight to access and decypt data. If you are using KMS to encrypt your data you need to give the IAM Quicksight role access to the KMS key to use and decypt data using this key.

For the second part of your question, yes you can work with folders within QuickSight to restrict access to QuickSight to certain users and groups. We recently launched restricted folders which can provide additional guardrails when it comes to the sharing and management of assets within these folders.

I am marking this reply as, “Solution,” but let me know if you would like additional information on either of the above points.