Hello, I am following this article about sharing assets across namespaces using shared folders and I’ve come across some unexpected behaviour that I would appreciate some clarification on.
What I’ve done:
- Created a new namespace called ns-1
- Created a new group called ns-1-group-1
- Added a ns-1 local Admin user to ns-1-group-1
- Created a new Shared Folder called ns1-shared-folder
- Updated folder permissions of ns1-shared-folder by granting ns-1-group-1 with view only permission (
Actions=quicksight:DescribeFolder)
What I’ve noticed:
-
If I create an analysis in my default namespace, and add it to the ns1-shared-folder, the local Admin in ns-1 is not able to see the shared analysis in the ns1-shared-folder.
-
However, if I create a dashboard in my default namespace, and add it to the ns1-shared-folder, the local Admin in ns-1 is able to view the dashboard in the ns1-shared-folder.
-
If I update the folder permissions of ns1-shared-folder by granting ns-1-group-1 with full owner permission, then the local Admin in ns-1 is able to view the analysis in the ns1-shared-folder.
Is this behaviour expected?
I would expect the behaviour to be same regardless of whether I am sharing an Analysis or a Dashboard with an Admin/Author user. And in this case, I would have expected both the Analysis and Dashboard to be visible in the ns1-shared-folder in the ns-1 namespace to the local Admin.
Thanks