AWS Security ChangesHomeSearch

AWS quicksight documentation change

Service: quicksight · 2025-07-01 · Documentation medium

File: quicksight/latest/user/enabling-access-redshift.md

Summary

Expanded explanation of trusted identity propagation with IAM Identity Center integration

Security assessment

Adds detailed documentation about identity propagation security feature, enabling better understanding of access control mechanisms. Enhances security documentation without addressing specific vulnerabilities.

Diff

diff --git a/quicksight/latest/user/enabling-access-redshift.md b/quicksight/latest/user/enabling-access-redshift.md
index 6946a401d..316ffdd33 100644
--- a//quicksight/latest/user/enabling-access-redshift.md
+++ b//quicksight/latest/user/enabling-access-redshift.md
@@ -15 +15,3 @@ You can provide access to Amazon Redshift data using three authentication method
-With trusted identity propagation, a user's identity is passed to Amazon Redshift with single sign-on that is managed by IAM Identity Center. A user that accesses a dashboard in QuickSight has their identity propagated to Amazon Redshift. In Amazon Redshift, fine grained data permissions are applied on the data before the data is presented in a QuickSight asset to the user. QuickSight authors can also connect to Amazon Redshift data sources without a password input or IAM role. If Amazon Redshift Spectrum is used, all permission management is centralized in Amazon Redshift. Trusted identity propagation is supported when QuickSight and Amazon Redshift use the same organization instance of IAM Identity Center. Trusted identity propagation is not currently supported for the following features.
+[Trusted identity propagation](https://docs.aws.amazon.com/singlesignon/latest/userguide/trustedidentitypropagation-overview.html) is an AWS IAM Identity Center feature that administrators of connected AWS services can use to grant and audit access to service data. Access to this data is based on user attributes such as group associations. Setting up trusted identity propagation requires collaboration between the administrators of connected AWS services and the IAM Identity Center administrators. For more information, see [Prerequisites and considerations](https://docs.aws.amazon.com/singlesignon/latest/userguide/trustedidentitypropagation-overall-prerequisites.html).
+
+A user that accesses a dashboard in QuickSight has their identity propagated to Amazon Redshift. In Amazon Redshift, fine grained data permissions are applied on the data before the data is presented in a QuickSight asset to the user. QuickSight authors can also connect to Amazon Redshift data sources without a password input or IAM role. If Amazon Redshift Spectrum is used, all permission management is centralized in Amazon Redshift. Trusted identity propagation is supported when QuickSight and Amazon Redshift use the same organization instance of IAM Identity Center. Trusted identity propagation is not currently supported for the following features.