2
votes

When trying to create an AWS QuickSight dashboard in Account B from a template in Account A, I get an error:

An error occurred (AccessDeniedException) when calling the CreateDashboard operation: User: arn:aws:sts::account B:assumed-role/ is not authorized to perform: quicksight:PassDataSet on resource: arn:aws:quicksight:us-east-1:account A:dataset/

I tried updating the permissions on the data set, but it fails:

when calling the UpdateDataSetPermissions operation: All principals in ResourcePermission list and the requester must be under the same account

So it seems like I cannot give access to the dataset to a different account. How can I get past this issue, or is it even possible to create a dashboard from a cross-account dataset?


1 Answer

2
votes

We had exactly the same issue, and raised a ticket with AWS to find out how to share an analysis between accounts. There was an extra step after creating the template in Account A, that is, to create another template in Account B, i.e.:

From Account B, call the Create template CLI:

aws quicksight create-template --aws-account-id --template-id firsttemplate --source-entity file://TemplateFromtemplate.json --profile default

The contents of the TemplateFromtemplate.json file are as below:

{
  "SourceTemplate":{
    "Arn":"arn:aws:quicksight:us-east-1:<Account A ID>:template/firsttemplate"
  }
}

In summary, the steps we followed to successfully copy across an analysis:

  1. Create template in Account A from target analysis/data set.
  2. Update permissions in Account A template (to add Account B root user).
  3. Create template in Account B from Account A template.
  4. Create matching data set in Account B to the target data set in Account A.
  5. Create dashboard in Account B using template in Step 3 and data set in Step 4.
  6. Update the permissions of Account B dashboard to make it viewable in UI.
  7. If required, you can then use the "Save As" option in the UI to convert the dashboard back to an analysis for editing.
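
The request bodies for steps 2, 3 and 5 above, as an added example that is not part of the original answer; the dashboard builder rejects any data set ARN outside Account B, which is the condition behind the `quicksight:PassDataSet` error in the question. The account IDs, data set and dashboard names are constructed placeholders, and the read-only template grant is an assumption; the dictionaries use the QuickSight API parameter names, so they can be passed to boto3 or saved as JSON for `--cli-input-json`.

```python
import json

ACCOUNT_A = "111111111111"  # constructed placeholder: account that owns the source template
ACCOUNT_B = "222222222222"  # constructed placeholder: account that gets the dashboard
REGION = "us-east-1"
TEMPLATE_ID = "firsttemplate"  # template id used in the answer

def arn(account, kind, name):
    return f"arn:aws:quicksight:{REGION}:{account}:{kind}/{name}"

def share_template_request():
    """Step 2, run in Account A: let Account B read the template."""
    return {
        "AwsAccountId": ACCOUNT_A, "TemplateId": TEMPLATE_ID,
        "GrantPermissions": [{
            "Principal": f"arn:aws:iam::{ACCOUNT_B}:root",
            # Assumption: read-only access is enough to copy the template.
            "Actions": ["quicksight:DescribeTemplate"],
        }],
    }

def copy_template_request():
    """Step 3, run in Account B: same SourceEntity as TemplateFromtemplate.json."""
    source = {"SourceTemplate": {"Arn": arn(ACCOUNT_A, "template", TEMPLATE_ID)}}
    return {"AwsAccountId": ACCOUNT_B, "TemplateId": TEMPLATE_ID, "SourceEntity": source}

def dashboard_request(dashboard_id, datasets):
    """Step 5, run in Account B. datasets maps template placeholder -> data set ARN."""
    # Field 5 of an ARN is the owning account; malformed ARNs count as foreign.
    foreign = [a for a in datasets.values() if a.split(":")[4:5] != [ACCOUNT_B]]
    if foreign:
        # These references would be refused with quicksight:PassDataSet.
        raise ValueError(f"data sets outside account {ACCOUNT_B}: {foreign}")
    refs = [{"DataSetPlaceholder": p, "DataSetArn": a} for p, a in sorted(datasets.items())]
    return {
        "AwsAccountId": ACCOUNT_B, "DashboardId": dashboard_id, "Name": dashboard_id,
        "SourceEntity": {"SourceTemplate": {
            "Arn": arn(ACCOUNT_B, "template", TEMPLATE_ID),  # the copy made in step 3
            "DataSetReferences": refs,
        }},
    }

if __name__ == "__main__":
    local = {"sales": arn(ACCOUNT_B, "dataset", "sales-copy")}  # hypothetical names
    steps = (share_template_request(), copy_template_request(),
             dashboard_request("sales-dash", local))
    for request in steps:
        print(json.dumps(request, indent=2))
```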