Centrally manage permissions for tables and views accessed from Amazon QuickSight with trusted identity propagation
Business Intelligence Blog
This article discusses how to centrally manage permissions for tables and views accessed from Amazon QuickSight using trusted identity propagation. It shows how data owners and BI administrators can centrally manage fine-grained data permissions on Amazon Redshift tables and views and enforce them on all users in QuickSight with AWS IAM Identity Center trusted identity propagation.
Specifically, the article covers:
- Solution overview explaining the authentication and authorization flow using QuickSight, Amazon Redshift, and IAM Identity Center
- Step-by-step walkthrough to configure trusted identity propagation, including:
  - Configuring Redshift row-level and column-level security with IAM Identity Center users and groups
  - Configuring access to a Redshift cluster in a VPC from QuickSight
  - Configuring QuickSight trusted identity propagation scope for Amazon Redshift
  - Connecting to a Redshift data source in QuickSight using trusted identity propagation
  - Validating that Redshift row-level security is applied in QuickSight
- A use case highlighting how this solution enables centralized data access management
- Limitations of trusted identity propagation with QuickSight
- Conclusion summarizing the benefits of this approach