This happens in some namespaces but not others. We have confirmed there are users the namespace and we have relaxed all permissions to ensure it is not a permissions issue. In addition this user is an ADMIN.
Are there any other debugging steps I can take? What could be the issue here? Any help would be grateful.
Hey Max, thanks again for the replay (as always) … we discovered some new things this afternoon.
Here’s an example of my users:
Username
realm1/therock Dwayne Johnson djohnson@gmail.com
realm1/hklum Heidi Klum hklume@gmail.com
Results:
Searching for therock returns no results
Searching for realm1 returns no results
Searching for realm1/therock returns no results
Searching for djohnson returns realm1/therock (matching on email)
Searching for hklum returns realm1/hklum (probably matching on email)
So my speculation is the user search is broken when using the username. It may be specific to a multi tenant environment where you prefix a role with [roleArn short name]/ (if I’m understanding this right).
Also I tried pasting the ARN but it does not work; but I wouldn’t expect it to since the UI hint says “username, group, or email address”
One area we found some issue with using a QuickSight identityType instead of an IAM identityType, is when we were using CloudFormation to attach a principal to a QuickSight resource.
For some reason I think that was causing issues.
But if you use them as an IAM identityTpe then it works fine.