Group operations are not enabled for this account

I’m getting this error when using aws cli to list groups:

aws quicksight list-groups --aws-account-id xxxxxxxxx --namespace default

An error occurred (AccessDeniedException) when calling the ListGroups operation: Group operations are not enabled for this account.

When using the UI I get: ‘You are not authorized to list groups’.

In both cases I assume an aws role when connecting which have the following policies:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "*",
            "Resource": "*"
        }
    ]
}
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "quicksight:CreateGroup",
                "quicksight:ListGroups",
                "quicksight:DeleteGroup",
                "quicksight:UpdateGroup",
                "quicksight:DescribeGroup"
            ],
            "Resource": "arn:aws:quicksight:*:xxxxxxxxx:group/*"
        }
    ]
}

What could be the problem here? Is there anywhere I could get more info about the root cause?

Hi,

How are users and groups managed ? ( QuickSight Managed or AD managed ? ) . If AD managed , it will not be possible for public group api to list.

Regards,
Koushik

How are users and groups managed ? ( QuickSight Managed or AD managed ? )

@Koushik_Muthanna, They are QuickSight Managed.

BTW I’ve tried creating a new namespace and it works OK using the API. So the problem seems to be related to the default namespace.

Hi @jolivares ,

Are you still facing this issue ? . I would recommend filing a case with AWS Support where we can dive into the details so that we can help you further. Here are the steps to open a support case. If your company has someone who manages your AWS account, you might not have direct access to AWS Support and will need to raise an internal ticket to your IT team or whomever manages your AWS account. They should be able to open an AWS Support case on your behalf. Hope this helps!”

Regards,
Koushik

hi @jolivares, I am marking @Koushik_Muthanna recommendation as Solution, but let us know if this is not resolved. Thanks for posting your questions on the QuickSight Community Q&A Forum!

Regards,
Karthik