Row-Level Security with User-Based rules in Amazon QuickSight

Introduction

In the ever-evolving world of data analytics, taking security measures is critical. Amazon QuickSight is a cloud-based business intelligence service that offers a powerful user-based row-level security feature beyond traditional analytics. A key feature that adds a layer of complexity to Amazon QuickSight is user-based row-level security. This allows organizations to control and restrict access to information at a granular level so users can only see information relevant to their roles and responsibilities.

User-Based row-level security in Amazon QuickSight

This is especially profitable in scenarios where organizations deal with touchy data and have to follow strict information administration guidelines.

Effective control of access to this data is especially important when the data set contains sensitive or confidential information. User-based row-level security ensures that organizations comply with regulatory and internal policies by restricting access to information to those with appropriate authority.

Pre-requisites

• Determine the user attributes such as user role, department, or location that will be used to define access controls.

Steps for Tag-Based Row-Level Security for Anonymous Users

1. Add RLS to the dataset:

• From Amazon QuickSight, choose the dataset you want to add the rule and open that.
• On the dataset details page, at Row-level security, select Set up. Then, the setup row level security page opens, and there, select user-based rules.

• Create a user-level-rules file containing the username and manager_name as columns, with values as the name of the existing user we are giving access to and the manager_name for which manager data we want that user to access.
• [Note: in the dataset, the username john has permitted the data with manager_name as vikas]
• Select the user rules file, press apply, and activate to set up the rules, as shown in the image below.

• The user-based rules toggle turns on, and the rules are active.
• Now, if the user john opens the dashboard, he can see only the data with manager_name as Vikas.

[NOTE: dataset consists of employee_id, id, department and manager_name as the columns]

• To remove permissions, first remove the dataset rules from the dataset.
• Make certain that the dataset rules are removed. Then, choose the permissions dataset and choose Remove data set.

Advantages of User-based row-level security

• Improve data privacy: Organizations can improve data privacy by using user-based row-level security. This is especially important when dealing with confidential or personal information. Users can only see the information they have permission to access, reducing the risk of unauthorized access.
• Policy Compliance: Many businesses are subject to strict data access and privacy regulations. User-based row-level security helps organizations comply with these regulations by providing a robust framework for managing and validating data entry.
• Simple Data Management: The ease of defining customer-based rules makes managing data management easier. Organizations can manage policies without dealing with complex configurations, resulting in easier changes and greater security benefits.
• Flexible Access Control: User-based row-level security is flexible and adaptable to various applications. Administrators can change policies based on the specifics of their relationship when restricting access to financial information, customer information, or other sensitive information.
• Scalability: As organizations grow, the need for scalable solutions is critical. User-based row-level security scales seamlessly as your user base and data volumes grow, ensuring security measures remain effective even in dynamic environments.
• Dynamic Access Control: User-based row-level security is not static; it allows access control to be changed according to the user’s characteristics. This flexibility ensures that data access policies can be updated accordingly as the organization’s structure evolves or user roles change.

Conclusion

User-based row-level security in Amazon QuickSight is a powerful tool that allows organizations to manage data access rights. Using User Based-Row Level Security, companies can improve data privacy, comply with regulations, and improve data management practices. As organizations prioritize security in the age of data-driven decision-making, User Based-Row Level Security stands out as an important tool among tools to protect sensitive information. As organizations continue leveraging data’s power for policy decisions, User Based Row Level Security is critical to creating an efficient Amazon QuickSight system.

Drop a query if you have any questions regarding User Based Row Level Security and we will get back to you quickly.

About CloudThat

CloudThat is a leading provider of Cloud Training and Consulting services with a global presence in India, the USA, Asia, Europe, and Africa. Specializing in AWS, Microsoft Azure, GCP, VMware, Databricks, and more, the company serves mid-market and enterprise clients, offering comprehensive expertise in Cloud Migration, Data Platforms, DevOps, IoT, AI/ML, and more.

CloudThat is recognized as a top-tier partner with AWS and Microsoft, including the prestigious ‘Think Big’ partner award from AWS and the Microsoft Superstars FY 2023 award in Asia & India. Having trained 650k+ professionals in 500+ cloud certifications and completed 300+ consulting projects globally, CloudThat is an official AWS Advanced Consulting Partner, AWS Training Partner, AWS Migration Partner, AWS Data and Analytics Partner, AWS DevOps Competency Partner, Amazon QuickSight Service Delivery Partner, Amazon EKS Service Delivery Partner, Microsoft Gold Partner, AWS Microsoft Workload Partners, Amazon EC2 Service Delivery Partner, and many more.

To get started, go through our Consultancy page and Managed Services Package, CloudThat’s offerings.