Hello, community. I am facing an issue where I can access and view a QuickSight dataset seamlessly from the AWS Management Console, but I am unable to do the same when using the AWS CLI. For instance, when I run the following command:
aws quicksight describe-data-set --aws-account-id $ACCOUNT --data-set-id 63c7e288-fa35-4a15-869e-bb2ba8e03b99 --region ca-central-1
I receive this error:
An error occurred (AccessDeniedException) when calling the DescribeDataSet operation: User: arn:aws:sts::464057898604:assumed-role/MPSDevOps/lianet.cylwik.lopez@vwfs.com is not authorized to access this resource
Details I’ve verified:
- The dataset is visible and manageable in the AWS Management Console.
- The AWS CLI is configured with the correct region (
ca-central-1). - My IAM role (MPSDevOps) has permissions that, to my understanding, should cover this operation.
What I’ve checked so far: I am aware that IAM roles sometimes have differences in how permissions are applied between the console and the CLI/API. The user MPSDevOps/lianet.cylwik.lopez@vwfs.com has access as “Owner + Viewer” in the console (as shown in the screenshot), but there seems to be an issue with CLI permissions.
Specific question: What additional steps or permissions might I need to configure to enable full access to the dataset through the CLI, similar to what I have in the AWS Management Console? Is there any specific setting related to how roles are assumed or applied differently between the console and the CLI that I should look into?
Any help or pointers would be greatly appreciated. Thank you!