Federate Amazon QuickSight access with open-source identity provider Keycloak
Blog
This article provides a step-by-step guide to configure federated single sign-on (SSO) between Amazon QuickSight and the open-source Keycloak identity provider.
- Register a Keycloak client application and configure SAML federation properties
- Download Keycloak SAML metadata and add it as an IAM identity provider in AWS
- Create three IAM policies for QuickSight roles: Admin, Author, and Reader
- Create corresponding IAM roles that Keycloak users assume when federating
- Map IAM roles to Keycloak groups and users via SAML mappers
- Create Keycloak groups and users for testing SSO access to QuickSight
- Test federated access using Keycloak credentials to sign into QuickSight
This integration enables organizations to centralize identity management using Keycloak while controlling QuickSight access through role-based permissions.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.