AWS announces preview of AWS Interconnect - multicloud

AWS announces AWS Interconnect – multicloud (preview), providing simple, resilient, high-speed private connections to other cloud service providers. AWS Interconnect - multicloud is easy to configure and provides high-speed, resilient connectivity with dedicated bandwidth, enabling customers to interconnect AWS networking services such as AWS Transit Gateway, AWS Cloud WAN, and Amazon VPC to other cloud service providers with ease.

How do I resolve the "AccessDeniedException" error when I use the create-group AWS CLI command to create Quick Suite groups?

2 minute read

I used the AWS Command Line Interface (AWS CLI) command create-group to create Amazon Quick Suite groups but I received an "AccessDeniedException" error.

Short description

You might receive the following error messages when you use the AD Connector to sign in to Amazon Quick Suite:

"An error occurred (AccessDeniedException) when calling the CreateGroup operation: Group operations are not enabled for this account."

Quick Suite manages only the identities that are created and maintained in Quick Suite. If AD Connector is set up, then AWS Directory Service for Microsoft Active Directory (AWS Managed Microsoft AD) groups are used.

The AWS Managed Microsoft AD groups are used to map users to admin, author, and reader roles. You can't use the create-group AWS CLI command to create Quick Suite managed groups when you manage users through AWS Managed Microsoft AD.

Resolution

Note: If you receive errors when you run AWS CLI commands, then see Troubleshoot AWS CLI errors. Also, make sure that you're using the most recent AWS CLI version.

Use AWS Managed Microsoft AD to create groups

You can create at least three groups after you establish your Active Directory:

Amazon Quick Suite admins
Amazon Quick Suite authors
Amazon Quick Suite readers

Note: Only the Enterprise edition of Quick Suite supports AD Connector and AWS Managed Microsoft AD. For more information, see AWS Managed Microsoft AD best practices.

Use the AWS CLI Command to create groups

To use the AWS CLI to create and manage Quick Suite groups, you must first unsubscribe from Quick Suite. Then, re-subscribe and change how you connect to Quick Suite to use AWS Identity and Access Management (IAM) identities and Quick Suite managed users. For more information, see Identity and access management in Quick Suite.

Note: When you unsubscribe, Quick Suite deletes all users, data, and assets.

Related information

Can I use AWS Managed Microsoft AD to authenticate users in Quick Suite?

Topics: Analytics Business Applications
Tags: Amazon Quick Suite
Language: English

AWS OFFICIALUpdated 19 days ago

No comments

Relevant content

Unable to create Quicksuite Account
nsena
asked 25 days ago
amzlbiaquicksight account does not allow me to use Amazon Quick Suite platform
Accepted Answer
User-8168339
asked 22 days ago
Quicksight Signup Error | India | Quick suite
Devika
asked 7 days ago
Problems with the new data preparation experience in Quick Suite
SGuzman
asked a month ago
Custom chat agent not visible to team members in the Quick Suite Extension
Accepted Answer
User-9609984
asked 15 days ago
How do I resolve "Access denied" errors when I use Athena as a data source in Quick Suite?
AWS OFFICIALUpdated 19 days ago
How do I resolve SQL exception errors with custom SQL data sources in Quick Suite?
AWS OFFICIALUpdated 19 days ago
How do I resolve "no data on all visuals" errors when I send test email reports in Quick Suite?
AWS OFFICIALUpdated 23 days ago
How do I resolve errors when I generate embedded Quick Suite dashboard URLs for unregistered users?
AWS OFFICIALUpdated 19 days ago
How do I resolve the “ResourceLimitExceeded” error that I am seeing when trying to create resource AWS::SageMaker::NotebookInstance using CloudFormation?
EXPERT
Arjun
published 8 months ago