Starting January 2022, the Amazon QuickSight will undergo minor updates, such as changes in the sign-in domain and a new look and feel while signing in. This won’t impact your access to QuickSight. In this post, we walk through changes to expect in the sign-in experience and domains to allow on your organization’s network to sign in to QuickSight.

If your QuickSight account is integrated with an identity provider such as Okta, this change is not applicable to you. If you sign in to QuickSight either using AWS root, AWS Identity and Access Management (IAM), corporate Active Directory, or your native QuickSight credentials, please keep reading.

What’s changing?

The QuickSight sign-in process will be a three-step experience.

Step 1: The first page requires your QuickSight account name.
BDB1822 IMG1

Step 2: The second step asks for your user name.
BDB1822 IMG2

Step 3: The third step varies depending on the user type you sign in as: native QuickSight or Active Directory user, AWS root user, or IAM user.

Native QuickSight or Active Directory

If you’re signing in as a native QuickSight user or use your corporate Active Directory credentials, you’re redirected to signin.aws, which prompts you to enter your password with the user name prefilled.
BDB1822 IMG3

If your account is Multi-Factor Authentication enabled, you will be prompted to enter the MFA code as below,
BDB1822 IMG4

AWS root user

If you’re signing in as an AWS root user, you’re redirected to signin.aws.amazon.com (or amazon.com) to complete the sign-in process. This page has your username prefilled. On selecting next, it prompts you to enter password.
BDB1822 IMG5
BDB1822 IMG6

IAM user

If signing in as an IAM user, you’re redirected to a sign-in page that prompts password with IAM user name pre-filled.
BDB1822 IMG7 IAMuser

Summary

These changes to the QuickSight sign-in experience will be effective starting January, 2022. Please note the four new domains below you may encounter depending on who you sign in as. As a network administrator, please allow-list these domains within your organization network.

User typeDomain to allow list
Native QuickSight user and Active Directory userssignin.aws and awsapps.com
AWS root usersignin.aws.amazon.com and amazon.com
AWS IAM usersignin.aws.amazon.com

If you have any questions, please reach out to AWS Support via the Support Center on the AWS Management Console.

Categories: Big Data