This blog post has been updated as of September 14, 2022, to reflect that the new sign-in experience is now generally available across all QuickSight regions. For more details, you can check out this another blog post.
Amazon QuickSight has introduced modifications to its sign-in domain along with a fresh interface for users logging in. These adjustments will not affect your overall access to QuickSight. In this article, we will outline the anticipated changes to the sign-in experience and the domains that need to be permitted on your organization’s network for QuickSight access.
If your QuickSight account is linked with an identity provider like Okta, you may ignore these updates. However, if you log in to QuickSight using AWS root, AWS Identity and Access Management (IAM), corporate Active Directory, or your native QuickSight credentials, please continue reading.
What’s New?
The QuickSight sign-in process has been streamlined into a three-step flow:
- Step 1: The initial page will prompt you for your QuickSight account name.
- Step 2: The second step will require your username.
- Step 3: The final step varies based on the user type you are signing in as: native QuickSight user, Active Directory user, AWS root user, or IAM user.
- Native QuickSight or Active Directory Users: If you are signing in as a native QuickSight user or using your corporate Active Directory credentials, you will be redirected to signin.aws, where you will enter your password with your username already filled in. If your account has Multi-Factor Authentication enabled, you will then be prompted to enter the MFA code.
- AWS Root User: If you are logging in as an AWS root user, you will be directed to signin.aws.amazon.com (or amazon.com) to finalize the sign-in. This page will have your username pre-filled, and after selecting “next,” you will enter your password.
- IAM User: When logging in as an IAM user, you will be directed to a sign-in page that prompts for your password with your IAM username pre-filled.
Summary
These modifications to the QuickSight sign-in experience were implemented during July and August 2022. Please take note of the four new domains listed below that you may encounter based on your user type. As a network administrator, ensure these domains are allow-listed within your organization’s network.
| User Type | Domain to Allow List |
|---|---|
| Native QuickSight and Active Directory Users | signin.aws, awsapps.com |
| AWS Root User | signin.aws.amazon.com, amazon.com |
| AWS IAM User | signin.aws.amazon.com |
If you utilize the QuickSight mobile app, it’s essential to upgrade to the latest version to maintain functionality. Should you have any inquiries, feel free to contact AWS Support through the Support Center on the AWS Management Console. For further expertise on this topic, you can refer to this excellent resource.
Leave a Reply