Creating and managing groups in Amazon Quick Suite - Amazon Quick Suite
Create a groupChange a group descriptionManage group membershipCreate and manage groups with the AWS CLI

Creating and managing groups in Amazon Quick Suite

   Intended audience: System administrators 
 Applies to: Enterprise Edition 
Note

If your Amazon Quick Suite account is integrated with IAM Identity Center (recommended), groups are not managed in the Quick Suite application. Instead, groups are managed in IAM Identity Center or in the third-party identity provider that you configured in IAM Identity Center. Groups are synced automatically between Quick Suite and IAM Identity Center.

Admins with IAM credentials who have access to the Quick Suite console can organize sets of users into groups that make it easier to manage access and security. For example, you can create a group of users that you can share Amazon Quick Suite assets with all at once. You can create and manage groups using the Amazon Quick Suite console or the AWS Command Line Interface (AWS CLI). You can create up to 10,000 groups in a namespace. If you want to create more than 10,000 groups in a namespace, contact AWS Support.

Use the topics below to create, and modify groups with in the Amazon Quick Suite console or with the Amazon Quick Suite APIs.

Create a group with the Amazon Quick Suite console

Use the following procedure to create a group in the Quick Suite console.

To create a user group in the Amazon Quick Suite console:

  1. On the Amazon Quick Suite start page, choose Manage Quick Suite, and then choose Manage groups.

  2. Choose NEW GROUP.

  3. On the Create new group page, enter the name and description of the new group in the corresponding boxes.

  4. When you're finished, choose Create to create the new group.

Note

You can't delete a group from the Amazon Quick Suite console, but you can delete a group with the AWS CLI. For more information on deleting a Amazon Quick Suite group with the AWS CLI, see Create and manage groups with the AWS CLI.

Change a group description with the Amazon Quick Suite console

After you have created a new group, you can't change the group's title but you can change the group's description.

To change the description of a group:

  1. On the Amazon Quick Suite start page, choose Manage Quick Suite, and then choose Manage groups.

  2. Choose the group that you want to change, and then choose the Edit link next to the group description.

  3. In the Edit description box that appears, enter the new description and choose Save.

Manage group membership in the Amazon Quick Suite console

After you create a group, you can add and remove users from the Manage groups page. You can't add a user to a group if you haven't added the user to your account. For more information on adding users to your Amazon Quick Suite account, see Managing user access inside Amazon Quick Suite.

To add a user to a group

  1. On the Amazon Quick Suite start page, choose Manage Quick Suite, and then choose Manage groups.

  2. Choose the group that you want to add a user to, and choose ADD USER at the page's upper right.

  3. Enter the user name or email of the user that you want to add, and choose the correct user for Search users.

To remove a user from a group:

  1. On the Amazon Quick Suite start page, choose Manage Quick Suite, and then choose Manage groups.

  2. Choose the group that you want to remove a user from.

  3. Find the user that you want to remove and choose Remove.

Choosing remove automatically removes the selected user from the group.

You can also search for a group member by entering the user's full user name into the search bar on the right-hand side of the group's page.

Create and manage groups with the AWS CLI

Before you begin, make sure that you have the AWS CLI installed. For more information, see Installing the AWS CLI in the AWS CLI User Guide.

Use the following procedure to create an Quick Suite user group.

  1. Open a terminal window. If you are using Microsoft Windows, open a command prompt.

  2. Enter the following command at the prompt to create a group. Substitute the correct values for your parameters.

    aws quicksight create-group --aws-account-id=111122223333 --namespace=default --group-name="Sales-Management" --description="Sales Management - Forecasting"

    You might find it easier to create the command in a text editor before entering it at the prompt. For more information on create-group and other available commands, see the Amazon Quick Suite API reference.

  3. Verify that the group exists by using a command similar to one of the following. The following command lists all groups.

    aws quicksight list-groups --aws-account-id 111122223333 --namespace default

    The following command describes a specific group.

    aws quicksight describe-group --aws-account-id 11112222333 --namespace default --group-name Sales

    The following command searches for groups in a specified Amazon Quick Suite namespace.

    aws quicksight search-groups --region us-west-2 --aws-account-id 11112222333 --namespace default --filters "[{\"Operator\": \"StartsWith\", \"Name\": \"GROUP_NAME\", \"Value\": \"Mar\"}]"

  4. Add a member to the new group by using a command similar to the following.

     aws quicksight create-group-membership --aws-account-id 111122223333 --namespace default --group-name Sales --member-name Pat

    The following command determines if a user is a member of a specified group.

    aws quicksight describe-group-membership --region us-west-2 --aws-account-id 11112222333 --namespace default --group-name Marketing-East --member-name user

Enter the following command at the prompt to delete a group. Substitute the correct values for your parameters.

aws quicksight delete-group --aws-account-id 111122223333 --namespace default --group-name Marketing-East

You might find it easier to create the command in a text editor before entering it at the prompt. For more information on delete-group and other available commands, see the Amazon Quick Suite API reference.