I want to grant edit and view analysis to a user.
However, it looks like quicksight requires all 7 permissions:
“quicksight:RestoreAnalysis”,
“quicksight:UpdateAnalysisPermissions”,
“quicksight:DeleteAnalysis”,
“quicksight:DescribeAnalysisPermissions”,
“quicksight:QueryAnalysis”,
“quicksight:DescribeAnalysis”,
“quicksight:UpdateAnalysis”
Is there anyway to prevent a user to delete an analysis ?
Hi @peterd,
Hope everything is well. I would definitely try following this documentation, as it states that as long as you have administrator privileges, you should be able to customize viewer/owner privileges for user. From your explanation above, I would look into DeleteAnalysis a little further. Let me know if this helps!
Hi,
I don’t think it helps at all.
i am trying to do this with boto3.
client.update_analysis_permissions(AwsAccountId=…,AnalysisId=…,GrantPermissions=[
{
“Principal’“:”arn of the principal”,
“Actions”: [
“quicksight:RestoreAnalysis”,
“quicksight:UpdateAnalysisPermissions”,
“quicksight:DescribeAnalysisPermissions”,
“quicksight:QueryAnalysis”,
“quicksight:DescribeAnalysis”,
“quicksight:UpdateAnalysis”
]
}
it threw this error:
ResourcePermission list contains unsupported permission sets ....
Valid set : [
"quicksight:RestoreAnalysis",
"quicksight:UpdateAnalysisPermissions",
"quicksight:DeleteAnalysis",
"quicksight:QueryAnalysis",
"quicksight:DescribeAnalysisPermissions",
"quicksight:DescribeAnalysis",
"quicksight:UpdateAnalysis"
]
I already check custom permission in Admin UI
there is no option to prevent a user to delete analyse.
Hi @peterd,
Thanks for your further clarification. After looking into this question further, it seems that you cannot remove or add specific permissions from the update_analysis call, as Quick Sight either allows users to have all permissions or none at all to provide distinction. However, I would definitely create a support ticket to see in case if there is a workaround AWS Support can assist with.
Hi @peterd,
Hope everything is well! Just checking back in since this thread hasn’t received a response in a while. Were you able to see my most recent message in regard to your question? If we do not hear back within the next 3 business days, I’ll go ahead and close out of this topic.
Thank you!
Hi @peterd,
Since we not heard back, I’ll go ahead and close this topic. However, if you have any additional questions, please feel free to post again in the Quick Suite Community and link this thread for any relevant information.
