As an architect or administrator, you need to plan out which users and which data sources you want QuickSight to have access to. To manage who has access, QuickSight administrators can manage user accounts, which can be IAM users or just any e-mail IDs. If you have an enterprise subscription, you can integrate a Microsoft AD account with QuickSight.

To manage permissions on what resources QuickSight should have access to, the administrator can do a blanket grant/revoke access from RDS instances, Redshift cluster, and selective S3 buckets. Additionally, for each RDS instance, Redshift cluster and/or EC2 instance that you wish to allow access to, you need to associate a new security group to authorize QuickSight servers using an address range. In future releases, the user management is expected to include IAM role-based access to simplify integration with other services.

In the next chapter, we will look into the QuickSight mobile application and see how the analyses created on the standard browser application can give you access in the palm of your hand.