Direkt zum Inhalt
Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post
Über re:Post

QuickSight Error: NO_SCOPEDOWN_POLICY_CONFIGURED – Unable to Refresh Manually, Duplicate, or Edit Dataset

0

Hi,

I'm encountering a recurring issue in Amazon QuickSight that has become quite frustrating due to the lack of a simple or documented fix, it occurs after user security changes.

sourceErrorCode: NO_SCOPEDOWN_POLICY_CONFIGURED sourceErrorMessage: No scopedown policies configured for user

Context: This happens when attempting to refresh, edit, or duplicate a dataset. The affected user is an Admin and the owner of both the dataset and the data source. Permissions are applied through Security & Permissions → IAM policy assignments, and the user is correctly included under the relevant assignment. All IAM and QuickSight permissions appear to be correctly configured.

Issue: Once this error appears, the dataset becomes unusable: I can’t refresh the dataset manually. I can’t duplicate it from the UI. I can’t edit its configuration or replace it.

Current Workaround: The only working solution I’ve found is to export and reimport the entire dashboard and its dependencies using the CLI:

aws quicksight start-asset-bundle-export-job
--aws-account-id 12345
--asset-bundle-export-job-id abc_
--resource-arns "arn:aws:quicksight:eu-west-2:12345:dashboard/12345"
--export-format QUICKSIGHT_JSON
--include-all-dependencies
--region eu-west-2 Then reimport using:

aws quicksight start-asset-bundle-import-job
--aws-account-id 12345
--asset-bundle-import-job-id abc_
--asset-bundle-import-source S3Uri="s3://xyz/abc_.qs"
--override-parameters '{"ResourceIdOverrideConfiguration": {"PrefixForAllResources": "abc_"}}'

After reimporting, the dataset works correctly again and the error no longer appears.

Themen
AnalysenGeschäftsanwendungenMaschinelles Lernen & KI
Tags
Amazon Quick Sight
Sprache
English
gefragt vor 3 Monaten101 Aufrufe
1 Antwort
1

I think the error is showing

The user’s identity and permissions (via IAM or SSO)
AND
QuickSight's internal "scopedown policy" logic for datasets — which restricts what rows, columns, or tables a user can access in row-level security (RLS) or restricted datasets.

Even if the user: Is Admin Owns the dataset and datasource Is covered by IAM policy assignments

...QuickSight still checks for scopedown policy metadata, and if it can't find a valid config post-permission change, it breaks access to that dataset for that user.

Recommended fix

Go to QuickSight Admin → Security & Permissions
Find the IAM or IAM Identity Center user
Create and assign a scopedown policy (even a permissive one)
Reopen or refresh the dataset
If the dataset works again, remove the scopedown policy

This "resets" the internal reference to scopedown metadata.

If the issue is isolated to a user, try reassigning the dataset: aws quicksight update-data-set-permissions
--aws-account-id 123456789012
--data-set-id your_dataset_id
--grant-permissions Principal=arn:aws:quicksight:region:account:user/default/new_user,Actions=quicksight:DescribeDataSet,quicksight:UpdateDataSetPermissions

Then have the new user try editing or duplicating the dataset.

Also, this might help but its good for automation or bulk correction Rebuild via Asset Bundle Export (as you’re doing) You're already using this as a workaround — it re-creates the dataset and dependencies without the corrupted scopedown reference.

aws quicksight start-asset-bundle-export-job ... aws quicksight start-asset-bundle-import-job ...

This is effective but inefficient — good for automation or bulk correction.

AWS
beantwortet vor 3 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Relevanter Inhalt