Help us improve the AWS re:Post Knowledge Center by sharing your feedback in a brief survey. Your input can influence how we create and update our content to better support your AWS journey.
How do I access orphaned resources of a deleted user in Quick Sight?
I want to access the orphaned resources owned by a deleted user in my Amazon Quick Sight account.
Short description
To restore access to a deleted user's orphaned resources in Quick Sight, use AWS Command Line Interface (AWS CLI) commands to identify the resources. Then, make another Quick Sight user the owner of the resources.
Or, you can use the Amazon Quick Suite asset management console to view, manage, and transfer resources.
Note: The Quick Suite asset management console is only available with Quick Suite Enterprise edition.
Resolution
Note: If you receive errors when you run AWS CLI commands, then see Troubleshooting errors for the AWS CLI. Also, make sure that you're using the most recent AWS CLI version.
In the following AWS CLI commands, where necessary replace:
- account_id with the deleted user's AWS account ID
- Region with the AWS Region that you're in
- quicksight_user_arn with the Amazon Resource Name (ARN) of the Quick Sight user that you want to be the new resource owner
- analysis_id with the ID of the orphaned analysis
- dashboard_id with the ID of the orphaned dashboard
- dataset_id with the ID of the orphaned dataset
- data_source_id with the ID of the orphaned data source
Identify the IDs of the orphaned analyses
To identify the IDs of the orphaned analyses, run the list-analyses command:
aws quicksight list-analyses --aws-account-id account_id --region Region
To make another Quick Sight user the owner of each analysis, run the update-analysis-permissions command:
aws quicksight update-analysis-permissions --aws-account-id account_id --analysis-id analysis_id --grant-permissions Principal=quicksight_user_arn,Actions=quicksight:RestoreAnalysis,quicksight:UpdateAnalysisPermissions,quicksight:DeleteAnalysis,quicksight:DescribeAnalysisPermissions,quicksight:QueryAnalysis,quicksight:DescribeAnalysis,quicksight:UpdateAnalysis --region Region
Identify the IDs of the orphaned dashboards
To identify the IDs of the orphaned dashboards, run the the list-dashboards command:
aws quicksight list-data-sets --aws-account-id account_id --region Region
To make another Quick Sight user the owner of each dashboard, run the update-dashboard-permissions command:
aws quicksight update-data-set-permissions --aws-account-id account_id --data-set-id dataset_id --grant-permissions Principal=quicksight_user_arn,Actions=quicksight:UpdateDataSetPermissions,quicksight:DescribeDataSet,quicksight:DescribeDataSetPermissions,quicksight:PassDataSet,quicksight:DescribeIngestion,quicksight:ListIngestions,quicksight:UpdateDataSet,quicksight:DeleteDataSet,quicksight:CreateIngestion,quicksight:CancelIngestion --region Region
Identify the orphaned data sources
To identify the IDs of the orphaned data sources, run the list-data-sources command:
aws quicksight list-data-sources --aws-account-id account_id --region Region
To make another Quick Sight user the owner of each data source, run the update-data-source-permissions command:
aws quicksight update-data-source-permissions --aws-account-id account_id --data-source-id data_source_id --grant-permissions Principal=quicksight_user_arn,Actions=quicksight:UpdateDataSourcePermissions,quicksight:DescribeDataSource,quicksight:DescribeDataSourcePermissions,quicksight:PassDataSource,quicksight:UpdateDataSource,quicksight:DeleteDataSource --region Region
Repeat the steps for each of the deleted user's resources.
- Language
- English
Relevant content
- asked 3 years ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 5 months ago
