Configure ADFS Identity Federation with Amazon QuickSight
Blog
This article explains how to configure Active Directory Federation Services (ADFS) identity federation with Amazon QuickSight Enterprise edition for federated single sign-on access.
- Create SAML identity provider in IAM with ADFS metadata document
- Create IAM policies for QuickSight admin, author, and reader roles
- Create IAM roles with ADFS naming convention and trust relationships
- Configure AD security groups matching IAM role names with AWS account ID
- Create relying party trust in ADFS pointing to AWS SAML metadata
- Configure ADFS claim rules for NameId, RoleSessionName, AD groups, and roles
- Enable email syncing in QuickSight to use corporate email addresses
- Generate relay state URL for QuickStart dashboard access
This solution enables users to access QuickSight dashboards using existing Active Directory credentials with one-click SSO, eliminating separate IAM user management.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.