ReadonlyaccountReadonlyauthenticationAuthentication method controlling how users sign in to QuickSight.
Use cases: IAM federation; Active Directory integration; Mixed authentication
AWS: QuickSight account authentication configuration
Validation: Required; 'IAM_AND_QUICKSIGHT' | 'IAM_ONLY' | 'ACTIVE_DIRECTORY'
Optional ReadonlycontactPhone number for the QuickSight account administrator.
Use cases: Admin contact; Support escalation
AWS: QuickSight account admin phone
Validation: Optional; 10 digits
ReadonlyeditionQuickSight edition determining feature set and pricing tier.
Use cases: Feature tier selection; Q AI capabilities; Enterprise governance
AWS: QuickSight account edition
Validation: Required; 'STANDARD' | 'ENTERPRISE' | 'ENTERPRISE_AND_Q'
Optional ReadonlyemailEmail address of the QuickSight account administrator.
Use cases: Admin contact; Account management notifications
AWS: QuickSight account admin email
Validation: Optional; valid email format
Optional ReadonlyfirstFirst name of the QuickSight account administrator.
Use cases: Account personalization; AWS support communications
AWS: QuickSight account admin contact
Validation: Optional; string
Optional ReadonlyglueGlue resource patterns granting the QuickSight service role read access to data catalog databases and tables for data source setup and validation.
Use cases: Glue catalog integration; Athena data source discovery; Schema validation
AWS: IAM permissions for QuickSight service role on Glue resources
Validation: Optional; array of Glue resource patterns (e.g., 'database/my-db*')
Optional ReadonlyipIP CIDR restrictions for QuickSight console access. When specified, only requests from these IP ranges can access the QuickSight interface.
Use cases: Corporate network restrictions; IP allowlisting; Compliance access control
AWS: QuickSight IP restriction rules
Validation: Optional; array of IpRestrictionProps with valid CIDR blocks
Optional ReadonlylastLast name of the QuickSight account administrator.
Use cases: Account personalization; AWS support communications
AWS: QuickSight account admin contact
Validation: Optional; string
ReadonlynotificationEmail address for QuickSight account notifications including billing and service alerts.
Use cases: Account alerts; Billing notifications; Service communications
AWS: QuickSight account notification email
Validation: Required; valid email format
Optional ReadonlysecuritySecurity group rules controlling which VPC resources QuickSight can connect to. Defines ingress rules for the MDAA-created security group (e.g., Redshift on port 5439).
Use cases: Redshift access; RDS connectivity; Data source network rules
AWS: QuickSight security group ingress rules
Validation: Optional; valid MdaaSecurityGroupRuleProps with sg/ipv4 rules
ReadonlysubnetSubnets for the QuickSight VPC connection. QuickSight requires at least 2 subnets for multi-AZ availability.
Use cases: Multi-AZ data source connectivity; High availability
AWS: QuickSight VPC connection subnets
Validation: Required; array of valid subnet IDs; minimum 2
ReadonlyvpcVPC to associate with the QuickSight account for secure data source connectivity. MDAA creates a security group and VPC connection for QuickSight to reach VPC-based resources like Redshift clusters.
Use cases: Private data source access; Redshift connectivity; VPC network isolation
AWS: QuickSight VPC connection
Validation: Required; valid VPC ID (vpc-xxxxxxxx)
QuickSight account configuration controlling edition, authentication, VPC connectivity, and access restrictions. MDAA deploys a service account, security group, and VPC connection for secure data source connectivity.
Use cases: Account provisioning; VPC data source connectivity; IP-based access control; Glue catalog integration
AWS: Amazon QuickSight account, VPC connection, security group
Validation: Required fields: edition, authenticationMethod, notificationEmail, vpcId, subnetIds