Awso_quicksight.Values_2SourceDeletes a theme.
Deletes a topic refresh schedule.
Deletes a topic refresh schedule.
Deletes a topic.
Deletes a topic.
Deletes a user identified by its principal ID.
Deletes a custom permissions profile from a user.
Deletes a custom permissions profile from a user.
Deletes the Amazon Quick Sight user that is associated with the identity of the IAM user or role that's making the call. The IAM user isn't deleted as a result of this call.
Deletes the Amazon Quick Sight user that is associated with the identity of the IAM user or role that's making the call. The IAM user isn't deleted as a result of this call.
Deletes a VPC connection.
Deletes a VPC connection.
Describes the custom permissions profile that is applied to an account.
Describes the custom permissions profile that is applied to an account.
Describes the customizations associated with the provided Amazon Web Services account and Amazon Quick Sight namespace. The Quick Sight console evaluates which customizations to apply by running this API operation with the Resolved flag included. To determine what customizations display when you run this command, it can help to visualize the relationship of the entities involved. Amazon Web Services account - The Amazon Web Services account exists at the top of the hierarchy. It has the potential to use all of the Amazon Web Services Regions and Amazon Web Services Services. When you subscribe to Quick Sight, you choose one Amazon Web Services Region to use as your home Region. That's where your free SPICE capacity is located. You can use Quick Sight in any supported Amazon Web Services Region. Amazon Web Services Region - You can sign in to Quick Sight in any Amazon Web Services Region. If you have a user directory, it resides in us-east-1, which is US East (N. Virginia). Generally speaking, these users have access to Quick Sight in any Amazon Web Services Region, unless they are constrained to a namespace. To run the command in a different Amazon Web Services Region, you change your Region settings. If you're using the CLI, you can use one of the following options: Use command line options. Use named profiles. Run aws configure to change your default Amazon Web Services Region. Use Enter to key the same settings for your keys. For more information, see Configuring the CLI. Namespace - A Quick Sight namespace is a partition that contains users and assets (data sources, datasets, dashboards, and so on). To access assets that are in a specific namespace, users and groups must also be part of the same namespace. People who share a namespace are completely isolated from users and assets in other namespaces, even if they are in the same Amazon Web Services account and Amazon Web Services Region. Applied customizations - Quick Sight customizations can apply to an Amazon Web Services account or to a namespace. Settings that you apply to a namespace override settings that you apply to an Amazon Web Services account.
Describes the customizations associated with the provided Amazon Web Services account and Amazon Quick Sight namespace. The Quick Sight console evaluates which customizations to apply by running this API operation with the Resolved flag included. To determine what customizations display when you run this command, it can help to visualize the relationship of the entities involved. Amazon Web Services account - The Amazon Web Services account exists at the top of the hierarchy. It has the potential to use all of the Amazon Web Services Regions and Amazon Web Services Services. When you subscribe to Quick Sight, you choose one Amazon Web Services Region to use as your home Region. That's where your free SPICE capacity is located. You can use Quick Sight in any supported Amazon Web Services Region. Amazon Web Services Region - You can sign in to Quick Sight in any Amazon Web Services Region. If you have a user directory, it resides in us-east-1, which is US East (N. Virginia). Generally speaking, these users have access to Quick Sight in any Amazon Web Services Region, unless they are constrained to a namespace. To run the command in a different Amazon Web Services Region, you change your Region settings. If you're using the CLI, you can use one of the following options: Use command line options. Use named profiles. Run aws configure to change your default Amazon Web Services Region. Use Enter to key the same settings for your keys. For more information, see Configuring the CLI. Namespace - A Quick Sight namespace is a partition that contains users and assets (data sources, datasets, dashboards, and so on). To access assets that are in a specific namespace, users and groups must also be part of the same namespace. People who share a namespace are completely isolated from users and assets in other namespaces, even if they are in the same Amazon Web Services account and Amazon Web Services Region. Applied customizations - Quick Sight customizations can apply to an Amazon Web Services account or to a namespace. Settings that you apply to a namespace override settings that you apply to an Amazon Web Services account.
Describes the settings that were used when your Quick Sight subscription was first created in this Amazon Web Services account.
Describes the settings that were used when your Quick Sight subscription was first created in this Amazon Web Services account.
Use the DescribeAccountSubscription operation to receive a description of an Quick Sight account's subscription. A successful API call returns an AccountInfo object that includes an account's name, subscription status, authentication type, edition, and notification email address.
Use the DescribeAccountSubscription operation to receive a description of an Quick Sight account's subscription. A successful API call returns an AccountInfo object that includes an account's name, subscription status, authentication type, edition, and notification email address.
Retrieves the permissions configuration for an action connector, showing which users, groups, and namespaces have access and what operations they can perform.
Retrieves the permissions configuration for an action connector, showing which users, groups, and namespaces have access and what operations they can perform.
Retrieves detailed information about an action connector, including its configuration, authentication settings, enabled actions, and current status.
Retrieves detailed information about an action connector, including its configuration, authentication settings, enabled actions, and current status.
Provides a detailed description of the definition of an analysis. If you do not need to know details about the content of an Analysis, for instance if you are trying to check the status of a recently created or updated Analysis, use the DescribeAnalysis instead.
Provides a detailed description of the definition of an analysis. If you do not need to know details about the content of an Analysis, for instance if you are trying to check the status of a recently created or updated Analysis, use the DescribeAnalysis instead.
Provides the read and write permissions for an analysis.
Provides the read and write permissions for an analysis.
Provides a summary of the metadata for an analysis.
Provides a summary of the metadata for an analysis.
Describes an existing export job. Poll job descriptions after a job starts to know the status of the job. When a job succeeds, a URL is provided to download the exported assets' data from. Download URLs are valid for five minutes after they are generated. You can call the DescribeAssetBundleExportJob API for a new download URL as needed. Job descriptions are available for 14 days after the job starts.
Describes an existing export job. Poll job descriptions after a job starts to know the status of the job. When a job succeeds, a URL is provided to download the exported assets' data from. Download URLs are valid for five minutes after they are generated. You can call the DescribeAssetBundleExportJob API for a new download URL as needed. Job descriptions are available for 14 days after the job starts.
Describes an existing import job. Poll job descriptions after starting a job to know when it has succeeded or failed. Job descriptions are available for 14 days after job starts.
Describes an existing import job. Poll job descriptions after starting a job to know when it has succeeded or failed. Job descriptions are available for 14 days after job starts.
Retrieves the status and details of a specified automation job, including its status and outputs.
Retrieves the status and details of a specified automation job, including its status and outputs.
Describes a brand assignment.
Describes a brand assignment.
Describes the published version of the brand.
Describes the published version of the brand.
Describes a brand.
Describes a brand.
Describes a custom permissions profile.
Describes a custom permissions profile.
Provides a detailed description of the definition of a dashboard. If you do not need to know details about the content of a dashboard, for instance if you are trying to check the status of a recently created or updated dashboard, use the DescribeDashboard instead.
Provides a detailed description of the definition of a dashboard. If you do not need to know details about the content of a dashboard, for instance if you are trying to check the status of a recently created or updated dashboard, use the DescribeDashboard instead.
Describes read and write permissions for a dashboard.
Describes read and write permissions for a dashboard.
Provides a summary for a dashboard.
Provides a summary for a dashboard.
Describes an existing snapshot job. Poll job descriptions after a job starts to know the status of the job. For information on available status codes, see JobStatus. Registered user support This API can be called as before to get status of a job started by the same Quick Sight user. Possible error scenarios Request will fail with an Access Denied error in the following scenarios: The credentials have expired. Job has been started by a different user. Impersonated Quick Sight user doesn't have access to the specified dashboard in the job.
Use this structure to redact sensitive information that you provide about an anonymous user from the snapshot.
A structure that contains information about the users that the dashboard snapshot is generated for. Sensitive user information is excluded.
A structure that contains the information on the snapshot files.
A structure that contains information on the Amazon S3 destinations of the generated snapshot.
Describes the configuration of the dashboard snapshot.
Describes an existing snapshot job. Poll job descriptions after a job starts to know the status of the job. For information on available status codes, see JobStatus. Registered user support This API can be called as before to get status of a job started by the same Quick Sight user. Possible error scenarios Request will fail with an Access Denied error in the following scenarios: The credentials have expired. Job has been started by a different user. Impersonated Quick Sight user doesn't have access to the specified dashboard in the job.
Describes the result of an existing snapshot job that has finished running. A finished snapshot job will return a COMPLETED or FAILED status when you poll the job with a DescribeDashboardSnapshotJob API call. If the job has not finished running, this operation returns a message that says Dashboard Snapshot Job with id <SnapshotjobId> has not reached a terminal state.. Registered user support This API can be called as before to get the result of a job started by the same Quick Sight user. The result for the user will be returned in RegisteredUsers response attribute. The attribute will contain a list with at most one object in it. Possible error scenarios The request fails with an Access Denied error in the following scenarios: The credentials have expired. The job was started by a different user. The registered user doesn't have access to the specified dashboard. The request succeeds but the job fails in the following scenarios: DASHBOARD_ACCESS_DENIED - The registered user lost access to the dashboard. CAPABILITY_RESTRICTED - The registered user is restricted from exporting data in all selected formats. The request succeeds but the response contains an error code in the following scenarios: CAPABILITY_RESTRICTED - The registered user is restricted from exporting data in some selected formats. RLS_CHANGED - Row-level security settings have changed. Re-run the job with current settings. CLS_CHANGED - Column-level security settings have changed. Re-run the job with current settings. DATASET_DELETED - The dataset has been deleted. Verify the dataset exists before re-running the job.
A structure that contains information about files that are requested for registered user during a StartDashboardSnapshotJob API call.
An object that provides information on the result of a snapshot job. This object provides information about the job, the job status, and the location of the generated file.
An object that contains information on the error that caused the snapshot job to fail. For more information, see DescribeDashboardSnapshotJobResult API.
Describes the result of an existing snapshot job that has finished running. A finished snapshot job will return a COMPLETED or FAILED status when you poll the job with a DescribeDashboardSnapshotJob API call. If the job has not finished running, this operation returns a message that says Dashboard Snapshot Job with id <SnapshotjobId> has not reached a terminal state.. Registered user support This API can be called as before to get the result of a job started by the same Quick Sight user. The result for the user will be returned in RegisteredUsers response attribute. The attribute will contain a list with at most one object in it. Possible error scenarios The request fails with an Access Denied error in the following scenarios: The credentials have expired. The job was started by a different user. The registered user doesn't have access to the specified dashboard. The request succeeds but the job fails in the following scenarios: DASHBOARD_ACCESS_DENIED - The registered user lost access to the dashboard. CAPABILITY_RESTRICTED - The registered user is restricted from exporting data in all selected formats. The request succeeds but the response contains an error code in the following scenarios: CAPABILITY_RESTRICTED - The registered user is restricted from exporting data in some selected formats. RLS_CHANGED - Row-level security settings have changed. Re-run the job with current settings. CLS_CHANGED - Column-level security settings have changed. Re-run the job with current settings. DATASET_DELETED - The dataset has been deleted. Verify the dataset exists before re-running the job.
Describes an existing dashboard QA configuration.
Describes an existing dashboard QA configuration.
Describes the permissions on a dataset. The permissions resource is arn:aws:quicksight:region:aws-account-id:dataset/data-set-id.
Describes the permissions on a dataset. The permissions resource is arn:aws:quicksight:region:aws-account-id:dataset/data-set-id.
Describes the refresh properties of a dataset.
Describes the refresh properties of a dataset.
Describes a dataset. This operation doesn't support datasets that include uploaded files as a source.
Describes a dataset. This operation doesn't support datasets that include uploaded files as a source.
Describes the resource permissions for a data source.
Describes the resource permissions for a data source.
Describes a data source.
Describes a data source.
Describes a Amazon Q Business application that is linked to an Quick Sight account.
Describes a Amazon Q Business application that is linked to an Quick Sight account.
Describes permissions for a folder.
The NextToken value isn't valid.
Describes permissions for a folder.
Describes a folder.
Describes the folder resolved permissions. Permissions consists of both folder direct permissions and the inherited permissions from the ancestor folders.
Describes the folder resolved permissions. Permissions consists of both folder direct permissions and the inherited permissions from the ancestor folders.
Describes a folder.
Use the DescribeGroupMembership operation to determine if a user is a member of the specified group. If the user exists and is a member of the specified group, an associated GroupMember object is returned.
Use the DescribeGroupMembership operation to determine if a user is a member of the specified group. If the user exists and is a member of the specified group, an associated GroupMember object is returned.
Returns an Amazon Quick Sight group's description and Amazon Resource Name (ARN).
Returns an Amazon Quick Sight group's description and Amazon Resource Name (ARN).
Describes an existing IAM policy assignment, as specified by the assignment name.
An Identity and Access Management (IAM) policy assignment.
Describes an existing IAM policy assignment, as specified by the assignment name.
Describes a SPICE ingestion.
Describes a SPICE ingestion.
Provides a summary and status of IP rules.
Provides a summary and status of IP rules.
Describes all customer managed key registrations in a Quick Sight account.
A customer managed key structure that contains the information listed below: KeyArn - The ARN of a KMS key that is registered to a Quick Sight account for encryption and decryption use. DefaultKey - Indicates whether the current key is set as the default key for encryption and decryption use.
Describes all customer managed key registrations in a Quick Sight account.
Describes the current namespace.
Errors that occur during namespace creation.
The error type.
Describes the current namespace.
Describes a personalization configuration.
Describes a personalization configuration.
Describes the state of a Quick Sight Q Search configuration.
Describes the state of a Quick Sight Q Search configuration.
Provides a summary of a refresh schedule.
Provides a summary of a refresh schedule.
Describes all custom permissions that are mapped to a role.
Describes all custom permissions that are mapped to a role.
Describes the self-upgrade configuration for a Quick account.
The self-upgrade configuration for the Quick account.
One or more parameter has a value that isn't valid.
Describes the self-upgrade configuration for a Quick account.
Describes the template alias for a template.
Describes the template alias for a template.
Provides a detailed description of the definition of a template. If you do not need to know details about the content of a template, for instance if you are trying to check the status of a recently created or updated template, use the DescribeTemplate instead.
List of errors that occurred when the template version creation failed.
Provides a detailed description of the definition of a template. If you do not need to know details about the content of a template, for instance if you are trying to check the status of a recently created or updated template, use the DescribeTemplate instead.
Describes read and write permissions on a template.
Describes read and write permissions on a template.
Describes a template's metadata.
A version of a template.
A template object. A template is an entity in Quick Sight that encapsulates the metadata required to create an analysis and that you can use to create a dashboard. A template adds a layer of abstraction by using placeholders to replace the dataset associated with an analysis. You can use templates to create dashboards by replacing dataset placeholders with datasets that follow the same schema that was used to create the source analysis and template. You can share templates across Amazon Web Services accounts by allowing users in other Amazon Web Services accounts to create a template or a dashboard from an existing template.
Describes a template's metadata.
Describes the alias for a theme.
Describes the alias for a theme.
Describes the read and write permissions for a theme.
Describes the read and write permissions for a theme.
Describes a theme.
Theme error.
A version of a theme.
Describes a theme.
Describes the permissions of a topic.
Describes the permissions of a topic.
Describes the status of a topic refresh.
The details about the refresh of a topic.
Describes the status of a topic refresh.
Deletes a topic refresh schedule.
Deletes a topic refresh schedule.
Describes a topic.
Describes a topic.
Returns information about a user, given the user name.
Returns information about a user, given the user name.
Describes a VPC connection.
The structure that contains information about a network interface.
The structure of a VPC connection.
Describes a VPC connection.
The domain specified isn't on the allow list. All domains for embedded dashboards must be added to the approved list by an Amazon Quick Suite admin.
An entry that appears when a KeyRegistration update to Quick Sight fails.
The basic information of the flow exluding its definition specifying the steps.
An object that consists of a member Amazon Resource Name (ARN) and a member ID.
A filter to use to search an Quick Sight folder.
A summary of information about an existing Quick Sight folder.
The key-value pair used for the row-level security tags feature.
Generates an embed URL that you can use to embed an Amazon Quick dashboard or visual in your website, without having to register any reader users. Before you use this action, make sure that you have configured the dashboards and permissions. The following rules apply to the generated URL: It contains a temporary bearer token. It is valid for 5 minutes after it is generated. Once redeemed within this period, it cannot be re-used again. The URL validity period should not be confused with the actual session lifetime that can be customized using the SessionLifetimeInMinutes parameter. The resulting user session is valid for 15 minutes (minimum) to 10 hours (maximum). The default session duration is 10 hours. You are charged only when the URL is used or there is interaction with Amazon Quick. For more information, see Embedded Analytics in the Amazon Quick User Guide. For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon Quick Developer Portal.
This error indicates that you are calling an embedding operation in Amazon Quick Sight without the required pricing plan on your Amazon Web Services account. Before you can use embedding for anonymous users, a Quick Suite administrator needs to add capacity pricing to Quick Sight. You can do this on the Manage Quick Suite page. After capacity pricing is added, you can use the GetDashboardEmbedUrl API operation with the --identity-type ANONYMOUS option.
The number of minutes specified for the lifetime of a session isn't valid. The session lifetime must be 15-600 minutes.
Generates an embed URL that you can use to embed an Amazon Quick dashboard or visual in your website, without having to register any reader users. Before you use this action, make sure that you have configured the dashboards and permissions. The following rules apply to the generated URL: It contains a temporary bearer token. It is valid for 5 minutes after it is generated. Once redeemed within this period, it cannot be re-used again. The URL validity period should not be confused with the actual session lifetime that can be customized using the SessionLifetimeInMinutes parameter. The resulting user session is valid for 15 minutes (minimum) to 10 hours (maximum). The default session duration is 10 hours. You are charged only when the URL is used or there is interaction with Amazon Quick. For more information, see Embedded Analytics in the Amazon Quick User Guide. For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon Quick Developer Portal.
The threshold alerts configuration for an embedded Quick Sight dashboard.
The state perssitence configuration of an embedded dashboard.
The schedules configuration for an embedded Quick Sight dashboard.
The recent snapshots configuration for an embedded Quick Sight dashboard.
The feature configurations of an embedded Amazon Quick Sight console.
Information about the Amazon Quick Sight console that you want to embed.
An object that provides information about the configuration of a chat agent.
Information about the Q search bar embedding experience.
An object that provides information about the configuration of a Generative Q&A experience.
The experience that you are embedding. You can use this object to generate a url that embeds a visual into your application.
The feature configuration for an embedded dashboard.
Information about the dashboard you want to embed.
The type of experience you want to embed. For registered users, you can embed Quick dashboards or the Amazon Quick Sight console. Exactly one of the experience configurations is required. You can choose Dashboard or QuickSightConsole. You cannot choose more than one experience configuration.
Generates an embed URL that you can use to embed an Amazon Quick experience in your website. This action can be used for any type of user registered in an Amazon Quick account. Before you use this action, make sure that you have configured the relevant Amazon Quick resource and permissions. The following rules apply to the generated URL: It contains a temporary bearer token. It is valid for 5 minutes after it is generated. Once redeemed within this period, it cannot be re-used again. The URL validity period should not be confused with the actual session lifetime that can be customized using the SessionLifetimeInMinutes parameter. The resulting user session is valid for 15 minutes (minimum) to 10 hours (maximum). The default session duration is 10 hours. You are charged only when the URL is used or there is interaction with Amazon Quick. For more information, see Embedded Analytics in the Amazon Quick User Guide. For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon Quick Developer Portal.
The user with the provided name isn't found. This error can happen in any operation that requires finding a user based on a provided user name, such as DeleteUser, DescribeUser, and so on.
Generates an embed URL that you can use to embed an Amazon Quick experience in your website. This action can be used for any type of user registered in an Amazon Quick account. Before you use this action, make sure that you have configured the relevant Amazon Quick resource and permissions. The following rules apply to the generated URL: It contains a temporary bearer token. It is valid for 5 minutes after it is generated. Once redeemed within this period, it cannot be re-used again. The URL validity period should not be confused with the actual session lifetime that can be customized using the SessionLifetimeInMinutes parameter. The resulting user session is valid for 15 minutes (minimum) to 10 hours (maximum). The default session duration is 10 hours. You are charged only when the URL is used or there is interaction with Amazon Quick. For more information, see Embedded Analytics in the Amazon Quick User Guide. For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon Quick Developer Portal.
Generates an embed URL that you can use to embed an Amazon Quick Sight experience in your website. This action can be used for any type of user that is registered in an Amazon Quick Sight account that uses IAM Identity Center for authentication. This API requires identity-enhanced IAM Role sessions for the authenticated user that the API call is being made for. This API uses trusted identity propagation to ensure that an end user is authenticated and receives the embed URL that is specific to that user. The IAM Identity Center application that the user has logged into needs to have trusted Identity Propagation enabled for Amazon Quick Sight with the scope value set to quicksight:read. Before you use this action, make sure that you have configured the relevant Amazon Quick Sight resource and permissions.
Generates an embed URL that you can use to embed an Amazon Quick Sight experience in your website. This action can be used for any type of user that is registered in an Amazon Quick Sight account that uses IAM Identity Center for authentication. This API requires identity-enhanced IAM Role sessions for the authenticated user that the API call is being made for. This API uses trusted identity propagation to ensure that an end user is authenticated and receives the embed URL that is specific to that user. The IAM Identity Center application that the user has logged into needs to have trusted Identity Propagation enabled for Amazon Quick Sight with the scope value set to quicksight:read. Before you use this action, make sure that you have configured the relevant Amazon Quick Sight resource and permissions.
The QA result that is made from generated answer.
Generates a temporary session URL and authorization code(bearer token) that you can use to embed an Amazon Quick Sight read-only dashboard in your website or application. Before you use this command, make sure that you have configured the dashboards and permissions. Currently, you can use GetDashboardEmbedURL only from the server, not from the user's browser. The following rules apply to the generated URL: They must be used together. They can be used one time only. They are valid for 5 minutes after you run this command. You are charged only when the URL is used or there is interaction with Quick. The resulting user session is valid for 15 minutes (default) up to 10 hours (maximum). You can use the optional SessionLifetimeInMinutes parameter to customize session duration. For more information, see Embedding Analytics Using GetDashboardEmbedUrl in the Amazon Quick User Guide. For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon Quick Developer Portal.
The identity type specified isn't supported. Supported identity types include IAM and QUICKSIGHT.
Output returned from the GetDashboardEmbedUrl operation.
Retrieves the metadata of a flow, not including its definition specifying the steps.
Retrieves the metadata of a flow, not including its definition specifying the steps.
Get permissions for a flow.
A structure that contains the permission information for one principal against one flow.
Get permissions for a flow.
A structure that contains information to identify a user.
///////////////////////// /////////////////////////
Retrieves the identity context for a Quick Sight user in a specified namespace, allowing you to obtain identity tokens that can be used with identity-enhanced IAM role sessions to call identity-aware APIs. Currently, you can call the following APIs with identity-enhanced Credentials StartDashboardSnapshotJob DescribeDashboardSnapshotJob DescribeDashboardSnapshotJobResult Supported Authentication Methods This API supports Quick Sight native users, IAM federated users, and Active Directory users. For Quick Sight users authenticated by Amazon Web Services Identity Center, see Identity Center documentation on identity-enhanced IAM role sessions. Supported Regions The GetIdentityContext API works only in regions that support at least one of these identity types: Amazon Quick Sight native identity IAM federated identity Active Directory To use this API successfully, call it in the same region where your user's identity resides. For example, if your user's identity is in us-east-1, make the API call in us-east-1. For more information about managing identities in Amazon Quick Sight, see Identity and access management in Amazon Quick Sight in the Amazon Quick Sight User Guide. Getting Identity-Enhanced Credentials To obtain identity-enhanced credentials, follow these steps: Call the GetIdentityContext API to retrieve an identity token for the specified user. Use the identity token with the STS AssumeRole API to obtain identity-enhanced IAM role session credentials. Usage with STS AssumeRole The identity token returned by this API should be used with the STS AssumeRole API to obtain credentials for an identity-enhanced IAM role session. When calling AssumeRole, include the identity token in the ProvidedContexts parameter with ProviderArn set to arn:aws:iam::aws:contextProvider/QuickSight and ContextAssertion set to the identity token received from this API. The assumed role must allow the sts:SetContext action in addition to sts:AssumeRole in its trust relationship policy. The trust policy should include both actions for the principal that will be assuming the role.
Generates a session URL and authorization code that you can use to embed the Amazon Amazon Quick Sight console in your web server code. Use GetSessionEmbedUrl where you want to provide an authoring portal that allows users to create data sources, datasets, analyses, and dashboards. The users who access an embedded Amazon Quick Sight console need belong to the author or admin security cohort. If you want to restrict permissions to some of these features, add a custom permissions profile to the user with the UpdateUser API operation. Use RegisterUser API operation to add a new user with a custom permission profile attached. For more information, see the following sections in the Amazon Quick User Guide: Embedding Analytics Customizing Access to the Amazon Quick Console
Generates a session URL and authorization code that you can use to embed the Amazon Amazon Quick Sight console in your web server code. Use GetSessionEmbedUrl where you want to provide an authoring portal that allows users to create data sources, datasets, analyses, and dashboards. The users who access an embedded Amazon Quick Sight console need belong to the author or admin security cohort. If you want to restrict permissions to some of these features, add a custom permissions profile to the user with the UpdateUser API operation. Use RegisterUser API operation to add a new user with a custom permission profile attached. For more information, see the following sections in the Amazon Quick User Guide: Embedding Analytics Customizing Access to the Amazon Quick Console
A GroupSearchFilter object that you want to apply to your search.
IAM policy assignment summary.
Lists all action connectors in the specified Amazon Web Services account. Returns summary information for each connector including its name, type, creation time, and status.
Lists all action connectors in the specified Amazon Web Services account. Returns summary information for each connector including its name, type, creation time, and status.
Lists Amazon Quick Sight analyses that exist in the specified Amazon Web Services account.
Lists Amazon Quick Sight analyses that exist in the specified Amazon Web Services account.
Lists all asset bundle export jobs that have been taken place in the last 14 days. Jobs created more than 14 days ago are deleted forever and are not returned. If you are using the same job ID for multiple jobs, ListAssetBundleExportJobs only returns the most recent job that uses the repeated job ID.
Lists all asset bundle export jobs that have been taken place in the last 14 days. Jobs created more than 14 days ago are deleted forever and are not returned. If you are using the same job ID for multiple jobs, ListAssetBundleExportJobs only returns the most recent job that uses the repeated job ID.
Lists all asset bundle import jobs that have taken place in the last 14 days. Jobs created more than 14 days ago are deleted forever and are not returned. If you are using the same job ID for multiple jobs, ListAssetBundleImportJobs only returns the most recent job that uses the repeated job ID.
Lists all asset bundle import jobs that have taken place in the last 14 days. Jobs created more than 14 days ago are deleted forever and are not returned. If you are using the same job ID for multiple jobs, ListAssetBundleImportJobs only returns the most recent job that uses the repeated job ID.
Lists all brands in an Quick Sight account.
Lists all brands in an Quick Sight account.
Returns a list of all the custom permissions profiles.
Returns a list of all the custom permissions profiles.
Lists all the versions of the dashboards in the Amazon Quick Sight subscription.
Lists all the versions of the dashboards in the Amazon Quick Sight subscription.
Lists dashboards in an Amazon Web Services account.
Lists dashboards in an Amazon Web Services account.
Lists all of the datasets belonging to the current Amazon Web Services account in an Amazon Web Services Region. The permissions resource is arn:aws:quicksight:region:aws-account-id:dataset/*.
Lists all of the datasets belonging to the current Amazon Web Services account in an Amazon Web Services Region. The permissions resource is arn:aws:quicksight:region:aws-account-id:dataset/*.
Lists data sources in current Amazon Web Services Region that belong to this Amazon Web Services account.
Lists data sources in current Amazon Web Services Region that belong to this Amazon Web Services account.
Lists flows in an Amazon Web Services account.
Lists flows in an Amazon Web Services account.
List all assets (DASHBOARD, ANALYSIS, and DATASET) in a folder.
List all assets (DASHBOARD, ANALYSIS, and DATASET) in a folder.
List all folders that a resource is a member of.
List all folders that a resource is a member of.
Lists all folders in an account.
Lists all folders in an account.
Lists member users in a group.
Lists member users in a group.
Lists all user groups in Amazon Quick Sight.
Lists all user groups in Amazon Quick Sight.
Lists all of the IAM policy assignments, including the Amazon Resource Names (ARNs), for the IAM policies assigned to the specified user and group, or groups that the user belongs to.
Lists all of the IAM policy assignments, including the Amazon Resource Names (ARNs), for the IAM policies assigned to the specified user and group, or groups that the user belongs to.
Lists the IAM policy assignments in the current Amazon Quick Sight account.
Lists the IAM policy assignments in the current Amazon Quick Sight account.
Lists all services and authorized targets that the Quick Sight IAM Identity Center application can access. This operation is only supported for Quick Sight accounts that use IAM Identity Center.
Lists all services and authorized targets that the Quick Sight IAM Identity Center application can access. This operation is only supported for Quick Sight accounts that use IAM Identity Center.
Lists the history of SPICE ingestions for a dataset. Limited to 5 TPS per user and 25 TPS per account.
Lists the history of SPICE ingestions for a dataset. Limited to 5 TPS per user and 25 TPS per account.
Lists the namespaces for the specified Amazon Web Services account. This operation doesn't list deleted namespaces.
Lists the namespaces for the specified Amazon Web Services account. This operation doesn't list deleted namespaces.
Lists the refresh schedules of a dataset. Each dataset can have up to 5 schedules.
Lists the refresh schedules of a dataset. Each dataset can have up to 5 schedules.
Lists all groups that are associated with a role.
Lists all groups that are associated with a role.
Lists all self-upgrade requests for a Quick account.
Details of a self-upgrade request.
Lists all self-upgrade requests for a Quick account.
Lists the tags assigned to a resource.
Lists the tags assigned to a resource.
Lists all the aliases of a template.
Lists all the aliases of a template.
Lists all the versions of the templates in the current Amazon Quick Sight account.
The template version.
Lists all the versions of the templates in the current Amazon Quick Sight account.
Lists all the templates in the current Amazon Quick Sight account.
The template summary.
Lists all the templates in the current Amazon Quick Sight account.
Lists all the aliases of a theme.
Lists all the aliases of a theme.
Lists all the versions of the themes in the current Amazon Web Services account.
The theme version.
Lists all the versions of the themes in the current Amazon Web Services account.
Lists all the themes in the current Amazon Web Services account.
The theme summary.
Lists all the themes in the current Amazon Web Services account.
Lists all of the refresh schedules for a topic.
A summary of the refresh schedule details for a dataset.
Lists all of the refresh schedules for a topic.
Lists all reviewed answers for a Q Topic.
The deinition for a TopicReviewedAnswer.
Lists all reviewed answers for a Q Topic.
Lists all of the topics within an account.
A topic summary.
Lists all of the topics within an account.
Lists the Amazon Quick Sight groups that an Amazon Quick Sight user is a member of.
Lists the Amazon Quick Sight groups that an Amazon Quick Sight user is a member of.
Returns a list of all of the Amazon Quick Sight users belonging to this account.
Returns a list of all of the Amazon Quick Sight users belonging to this account.
Lists all of the VPC connections in the current set Amazon Web Services Region of an Amazon Web Services account.
The summary metadata that describes a VPC connection.
Lists all of the VPC connections in the current set Amazon Web Services Region of an Amazon Web Services account.
Predicts existing visuals or generates new visuals to answer a given query. This API uses trusted identity propagation to ensure that an end user is authenticated and receives the embed URL that is specific to that user. The IAM Identity Center application that the user has logged into needs to have trusted Identity Propagation enabled for Quick with the scope value set to quicksight:read. Before you use this action, make sure that you have configured the relevant Quick resource and permissions. We recommend enabling the QSearchStatus API to unlock the full potential of PredictQnA. When QSearchStatus is enabled, it first checks the specified dashboard for any existing visuals that match the question. If no matching visuals are found, PredictQnA uses generative Q&A to provide an answer. To update the QSearchStatus, see UpdateQuickSightQSearchConfiguration.
The QA result that is made from the DashboardVisual or GeneratedAnswer.
Predicts existing visuals or generates new visuals to answer a given query. This API uses trusted identity propagation to ensure that an end user is authenticated and receives the embed URL that is specific to that user. The IAM Identity Center application that the user has logged into needs to have trusted Identity Propagation enabled for Quick with the scope value set to quicksight:read. Before you use this action, make sure that you have configured the relevant Quick resource and permissions. We recommend enabling the QSearchStatus API to unlock the full potential of PredictQnA. When QSearchStatus is enabled, it first checks the specified dashboard for any existing visuals that match the question. If no matching visuals are found, PredictQnA uses generative Q&A to provide an answer. To update the QSearchStatus, see UpdateQuickSightQSearchConfiguration.
Creates or updates the dataset refresh properties for the dataset.
Creates or updates the dataset refresh properties for the dataset.
Creates an Amazon Quick Sight user whose identity is associated with the Identity and Access Management (IAM) identity or role specified in the request. When you register a new user from the Quick Sight API, Quick Sight generates a registration URL. The user accesses this registration URL to create their account. Quick Sight doesn't send a registration email to users who are registered from the Quick Sight API. If you want new users to receive a registration email, then add those users in the Quick Sight console. For more information on registering a new user in the Quick Sight console, see Inviting users to access Quick Sight.
Creates an Amazon Quick Sight user whose identity is associated with the Identity and Access Management (IAM) identity or role specified in the request. When you register a new user from the Quick Sight API, Quick Sight generates a registration URL. The user accesses this registration URL to create their account. Quick Sight doesn't send a registration email to users who are registered from the Quick Sight API. If you want new users to receive a registration email, then add those users in the Quick Sight console. For more information on registering a new user in the Quick Sight console, see Inviting users to access Quick Sight.
Restores an analysis.
Restores an analysis.
Searches for action connectors in the specified Amazon Web Services account using filters. You can search by connector name, type, or user permissions.
Searches for action connectors in the specified Amazon Web Services account using filters. You can search by connector name, type, or user permissions.
Searches for analyses that belong to the user specified in the filter. This operation is eventually consistent. The results are best effort and may not reflect very recent updates and changes.
Searches for analyses that belong to the user specified in the filter. This operation is eventually consistent. The results are best effort and may not reflect very recent updates and changes.
Searches for dashboards that belong to a user. This operation is eventually consistent. The results are best effort and may not reflect very recent updates and changes.
Searches for dashboards that belong to a user. This operation is eventually consistent. The results are best effort and may not reflect very recent updates and changes.
Use the SearchDataSets operation to search for datasets that belong to an account.
Use the SearchDataSets operation to search for datasets that belong to an account.
Use the SearchDataSources operation to search for data sources that belong to an account.
Use the SearchDataSources operation to search for data sources that belong to an account.
A structure that contains the filter information when searching flows.
Search for the flows in an Amazon Web Services account.
Search for the flows in an Amazon Web Services account.
Searches the subfolders in a folder.
Searches the subfolders in a folder.
Use the SearchGroups operation to search groups in a specified Quick Sight namespace using the supplied filters.
Use the SearchGroups operation to search groups in a specified Quick Sight namespace using the supplied filters.
The filter that is used to search for a topic.
Searches for any Q topic that exists in an Quick account.
Searches for any Q topic that exists in an Quick account.
A structure that contains information on the anonymous user configuration.
A structure that contains information about the users that the dashboard snapshot is generated for. When using identity-enhanced session credentials, set the UserConfiguration request attribute to null. Otherwise, the request will be invalid.
Starts an Asset Bundle export job. An Asset Bundle export job exports specified Amazon Quick Sight assets. You can also choose to export any asset dependencies in the same job. Export jobs run asynchronously and can be polled with a DescribeAssetBundleExportJob API call. When a job is successfully completed, a download URL that contains the exported assets is returned. The URL is valid for 5 minutes and can be refreshed with a DescribeAssetBundleExportJob API call. Each Amazon Quick Sight account can run up to 5 export jobs concurrently. The API caller must have the necessary permissions in their IAM role to access each resource before the resources can be exported.
Starts an Asset Bundle export job. An Asset Bundle export job exports specified Amazon Quick Sight assets. You can also choose to export any asset dependencies in the same job. Export jobs run asynchronously and can be polled with a DescribeAssetBundleExportJob API call. When a job is successfully completed, a download URL that contains the exported assets is returned. The URL is valid for 5 minutes and can be refreshed with a DescribeAssetBundleExportJob API call. Each Amazon Quick Sight account can run up to 5 export jobs concurrently. The API caller must have the necessary permissions in their IAM role to access each resource before the resources can be exported.
Starts an Asset Bundle import job. An Asset Bundle import job imports specified Amazon Quick Sight assets into an Amazon Quick Sight account. You can also choose to import a naming prefix and specified configuration overrides. The assets that are contained in the bundle file that you provide are used to create or update a new or existing asset in your Amazon Quick Sight account. Each Amazon Quick Sight account can run up to 5 import jobs concurrently. The API caller must have the necessary "create", "describe", and "update" permissions in their IAM role to access each resource type that is contained in the bundle file before the resources can be imported.
Starts an Asset Bundle import job. An Asset Bundle import job imports specified Amazon Quick Sight assets into an Amazon Quick Sight account. You can also choose to import a naming prefix and specified configuration overrides. The assets that are contained in the bundle file that you provide are used to create or update a new or existing asset in your Amazon Quick Sight account. Each Amazon Quick Sight account can run up to 5 import jobs concurrently. The API caller must have the necessary "create", "describe", and "update" permissions in their IAM role to access each resource type that is contained in the bundle file before the resources can be imported.
Starts a new job for a specified automation. The job runs the automation with the provided input payload.
Starts a new job for a specified automation. The job runs the automation with the provided input payload.
Starts an asynchronous job that generates a snapshot of a dashboard's output. You can request one or several of the following format configurations in each API call. 1 PDF 1 Excel workbook that includes up to 5 table or pivot table visuals 5 CSVs from table or pivot table visuals Exporting CSV, Excel, or Pixel Perfect PDF reports requires Pixel Perfect Report Add-on. The status of a submitted job can be polled with the DescribeDashboardSnapshotJob API. When you call the DescribeDashboardSnapshotJob API, check the JobStatus field in the response. Once the job reaches a COMPLETED or FAILED status, use the DescribeDashboardSnapshotJobResult API to obtain the URLs for the generated files. If the job fails, the DescribeDashboardSnapshotJobResult API returns detailed information about the error that occurred. StartDashboardSnapshotJob API throttling Quick Sight utilizes API throttling to create a more consistent user experience within a time span for customers when they call the StartDashboardSnapshotJob. By default, 12 jobs can run simlutaneously in one Amazon Web Services account and users can submit up 10 API requests per second before an account is throttled. If an overwhelming number of API requests are made by the same user in a short period of time, Quick Sight throttles the API calls to maintin an optimal experience and reliability for all Quick Sight users. Common throttling scenarios The following list provides information about the most commin throttling scenarios that can occur. A large number of SnapshotExport API jobs are running simultaneously on an Amazon Web Services account. When a new StartDashboardSnapshotJob is created and there are already 12 jobs with the RUNNING status, the new job request fails and returns a LimitExceededException error. Wait for a current job to comlpete before you resubmit the new job. A large number of API requests are submitted on an Amazon Web Services account. When a user makes more than 10 API calls to the Quick Sight API in one second, a ThrottlingException is returned. If your use case requires a higher throttling limit, contact your account admin or Amazon Web ServicesSupport to explore options to tailor a more optimal expereince for your account. Best practices to handle throttling If your use case projects high levels of API traffic, try to reduce the degree of frequency and parallelism of API calls as much as you can to avoid throttling. You can also perform a timing test to calculate an estimate for the total processing time of your projected load that stays within the throttling limits of the Quick Sight APIs. For example, if your projected traffic is 100 snapshot jobs before 12:00 PM per day, start 12 jobs in parallel and measure the amount of time it takes to proccess all 12 jobs. Once you obtain the result, multiply the duration by 9, for example (12 minutes * 9 = 108 minutes). Use the new result to determine the latest time at which the jobs need to be started to meet your target deadline. The time that it takes to process a job can be impacted by the following factors: The dataset type (Direct Query or SPICE). The size of the dataset. The complexity of the calculated fields that are used in the dashboard. The number of visuals that are on a sheet. The types of visuals that are on the sheet. The number of formats and snapshots that are requested in the job configuration. The size of the generated snapshots. Registered user support You can generate snapshots for registered Quick Sight users by using the Snapshot Job APIs with identity-enhanced IAM role session credentials. This approach allows you to create snapshots on behalf of specific Quick Sight users while respecting their row-level security (RLS), column-level security (CLS), dynamic default parameters and dashboard parameter/filter settings. To generate snapshots for registered Quick Sight users, you need to: Obtain identity-enhanced IAM role session credentials from Amazon Web Services Security Token Service (STS). Use these credentials to call the Snapshot Job APIs. Identity-enhanced credentials are credentials that contain information about the end user (e.g., registered Quick Sight user). If your Quick Sight users are backed by Amazon Web Services Identity Center, then you need to set up a trusted token issuer. Then, getting identity-enhanced IAM credentials for a Quick Sight user will look like the following: Authenticate user with your OIDC compliant Identity Provider. You should get auth tokens back. Use the OIDC API, CreateTokenWithIAM, to exchange auth tokens to IAM tokens. One of the resulted tokens will be identity token. Call STS AssumeRole API as you normally would, but provide an extra ProvidedContexts parameter in the API request. The list of contexts must have a single trusted context assertion. The ProviderArn should be arn:aws:iam::aws:contextProvider/IdentityCenter while ContextAssertion will be the identity token you received in response from CreateTokenWithIAM For more details, see IdC documentation on Identity-enhanced IAM role sessions. To obtain Identity-enhanced credentials for Quick Sight native users, IAM federated users, or Active Directory users, follow the steps below: Call Quick Sight GetIdentityContext API to get identity token. Call STS AssumeRole API as you normally would, but provide extra ProvidedContexts parameter in the API request. The list of contexts must have a single trusted context assertion. The ProviderArn should be arn:aws:iam::aws:contextProvider/QuickSight while ContextAssertion will be the identity token you received in response from GetIdentityContext After obtaining the identity-enhanced IAM role session credentials, you can use them to start a job, describe the job and describe job result. You can use the same credentials as long as they haven't expired. All API requests made with these credentials are considered to be made by the impersonated Quick Sight user. When using identity-enhanced session credentials, set the UserConfiguration request attribute to null. Otherwise, the request will be invalid. Possible error scenarios The request fails with an Access Denied error in the following scenarios: The credentials have expired. The impersonated Quick Sight user doesn't have access to the specified dashboard. The impersonated Quick Sight user is restricted from exporting data in the selected formats. For more information about export restrictions, see Customizing access to Amazon Quick Sight capabilities.
Starts an asynchronous job that generates a snapshot of a dashboard's output. You can request one or several of the following format configurations in each API call. 1 PDF 1 Excel workbook that includes up to 5 table or pivot table visuals 5 CSVs from table or pivot table visuals Exporting CSV, Excel, or Pixel Perfect PDF reports requires Pixel Perfect Report Add-on. The status of a submitted job can be polled with the DescribeDashboardSnapshotJob API. When you call the DescribeDashboardSnapshotJob API, check the JobStatus field in the response. Once the job reaches a COMPLETED or FAILED status, use the DescribeDashboardSnapshotJobResult API to obtain the URLs for the generated files. If the job fails, the DescribeDashboardSnapshotJobResult API returns detailed information about the error that occurred. StartDashboardSnapshotJob API throttling Quick Sight utilizes API throttling to create a more consistent user experience within a time span for customers when they call the StartDashboardSnapshotJob. By default, 12 jobs can run simlutaneously in one Amazon Web Services account and users can submit up 10 API requests per second before an account is throttled. If an overwhelming number of API requests are made by the same user in a short period of time, Quick Sight throttles the API calls to maintin an optimal experience and reliability for all Quick Sight users. Common throttling scenarios The following list provides information about the most commin throttling scenarios that can occur. A large number of SnapshotExport API jobs are running simultaneously on an Amazon Web Services account. When a new StartDashboardSnapshotJob is created and there are already 12 jobs with the RUNNING status, the new job request fails and returns a LimitExceededException error. Wait for a current job to comlpete before you resubmit the new job. A large number of API requests are submitted on an Amazon Web Services account. When a user makes more than 10 API calls to the Quick Sight API in one second, a ThrottlingException is returned. If your use case requires a higher throttling limit, contact your account admin or Amazon Web ServicesSupport to explore options to tailor a more optimal expereince for your account. Best practices to handle throttling If your use case projects high levels of API traffic, try to reduce the degree of frequency and parallelism of API calls as much as you can to avoid throttling. You can also perform a timing test to calculate an estimate for the total processing time of your projected load that stays within the throttling limits of the Quick Sight APIs. For example, if your projected traffic is 100 snapshot jobs before 12:00 PM per day, start 12 jobs in parallel and measure the amount of time it takes to proccess all 12 jobs. Once you obtain the result, multiply the duration by 9, for example (12 minutes * 9 = 108 minutes). Use the new result to determine the latest time at which the jobs need to be started to meet your target deadline. The time that it takes to process a job can be impacted by the following factors: The dataset type (Direct Query or SPICE). The size of the dataset. The complexity of the calculated fields that are used in the dashboard. The number of visuals that are on a sheet. The types of visuals that are on the sheet. The number of formats and snapshots that are requested in the job configuration. The size of the generated snapshots. Registered user support You can generate snapshots for registered Quick Sight users by using the Snapshot Job APIs with identity-enhanced IAM role session credentials. This approach allows you to create snapshots on behalf of specific Quick Sight users while respecting their row-level security (RLS), column-level security (CLS), dynamic default parameters and dashboard parameter/filter settings. To generate snapshots for registered Quick Sight users, you need to: Obtain identity-enhanced IAM role session credentials from Amazon Web Services Security Token Service (STS). Use these credentials to call the Snapshot Job APIs. Identity-enhanced credentials are credentials that contain information about the end user (e.g., registered Quick Sight user). If your Quick Sight users are backed by Amazon Web Services Identity Center, then you need to set up a trusted token issuer. Then, getting identity-enhanced IAM credentials for a Quick Sight user will look like the following: Authenticate user with your OIDC compliant Identity Provider. You should get auth tokens back. Use the OIDC API, CreateTokenWithIAM, to exchange auth tokens to IAM tokens. One of the resulted tokens will be identity token. Call STS AssumeRole API as you normally would, but provide an extra ProvidedContexts parameter in the API request. The list of contexts must have a single trusted context assertion. The ProviderArn should be arn:aws:iam::aws:contextProvider/IdentityCenter while ContextAssertion will be the identity token you received in response from CreateTokenWithIAM For more details, see IdC documentation on Identity-enhanced IAM role sessions. To obtain Identity-enhanced credentials for Quick Sight native users, IAM federated users, or Active Directory users, follow the steps below: Call Quick Sight GetIdentityContext API to get identity token. Call STS AssumeRole API as you normally would, but provide extra ProvidedContexts parameter in the API request. The list of contexts must have a single trusted context assertion. The ProviderArn should be arn:aws:iam::aws:contextProvider/QuickSight while ContextAssertion will be the identity token you received in response from GetIdentityContext After obtaining the identity-enhanced IAM role session credentials, you can use them to start a job, describe the job and describe job result. You can use the same credentials as long as they haven't expired. All API requests made with these credentials are considered to be made by the impersonated Quick Sight user. When using identity-enhanced session credentials, set the UserConfiguration request attribute to null. Otherwise, the request will be invalid. Possible error scenarios The request fails with an Access Denied error in the following scenarios: The credentials have expired. The impersonated Quick Sight user doesn't have access to the specified dashboard. The impersonated Quick Sight user is restricted from exporting data in the selected formats. For more information about export restrictions, see Customizing access to Amazon Quick Sight capabilities.
Starts an asynchronous job that runs an existing dashboard schedule and sends the dashboard snapshot through email. Only one job can run simultaneously in a given schedule. Repeated requests are skipped with a 202 HTTP status code. For more information, see Scheduling and sending Amazon Quick Sight reports by email and Configuring email report settings for a Amazon Quick Sight dashboard in the Amazon Quick Sight User Guide.
Starts an asynchronous job that runs an existing dashboard schedule and sends the dashboard snapshot through email. Only one job can run simultaneously in a given schedule. Repeated requests are skipped with a 202 HTTP status code. For more information, see Scheduling and sending Amazon Quick Sight reports by email and Configuring email report settings for a Amazon Quick Sight dashboard in the Amazon Quick Sight User Guide.
A success entry that occurs when a KeyRegistration job is successfully applied to the Quick Sight account.
Assigns one or more tags (key-value pairs) to the specified Amazon Quick Sight resource. Tags can help you organize and categorize your resources. You can also use them to scope user permissions, by granting a user permission to access or change only resources with certain tag values. You can use the TagResource operation with a resource that already has tags. If you specify a new tag key for the resource, this tag is appended to the list of tags associated with the resource. If you specify a tag key that is already associated with the resource, the new tag value that you specify replaces the previous value for that tag. You can associate as many as 50 tags with a resource. Amazon Quick Sight supports tagging on data set, data source, dashboard, template, topic, and user. Tagging for Amazon Quick Sight works in a similar way to tagging for other Amazon Web Services services, except for the following: Tags are used to track costs for users in Amazon Quick Sight. You can't tag other resources that Amazon Quick Sight costs are based on, such as storage capacoty (SPICE), session usage, alert consumption, or reporting units. Amazon Quick Sight doesn't currently support the tag editor for Resource Groups.
Assigns one or more tags (key-value pairs) to the specified Amazon Quick Sight resource. Tags can help you organize and categorize your resources. You can also use them to scope user permissions, by granting a user permission to access or change only resources with certain tag values. You can use the TagResource operation with a resource that already has tags. If you specify a new tag key for the resource, this tag is appended to the list of tags associated with the resource. If you specify a tag key that is already associated with the resource, the new tag value that you specify replaces the previous value for that tag. You can associate as many as 50 tags with a resource. Amazon Quick Sight supports tagging on data set, data source, dashboard, template, topic, and user. Tagging for Amazon Quick Sight works in a similar way to tagging for other Amazon Web Services services, except for the following: Tags are used to track costs for users in Amazon Quick Sight. You can't tag other resources that Amazon Quick Sight costs are based on, such as storage capacoty (SPICE), session usage, alert consumption, or reporting units. Amazon Quick Sight doesn't currently support the tag editor for Resource Groups.
Removes a tag or tags from a resource.
Removes a tag or tags from a resource.
Applies a custom permissions profile to an account.
Applies a custom permissions profile to an account.
Updates Amazon Quick Sight customizations. Currently, the only customization that you can use is a theme. You can use customizations for your Amazon Web Services account or, if you specify a namespace, for a Quick Sight namespace instead. Customizations that apply to a namespace override customizations that apply to an Amazon Web Services account. To find out which customizations apply, use the DescribeAccountCustomization API operation.
Updates Amazon Quick Sight customizations. Currently, the only customization that you can use is a theme. You can use customizations for your Amazon Web Services account or, if you specify a namespace, for a Quick Sight namespace instead. Customizations that apply to a namespace override customizations that apply to an Amazon Web Services account. To find out which customizations apply, use the DescribeAccountCustomization API operation.
Updates the Amazon Quick Sight settings in your Amazon Web Services account.
Updates the Amazon Quick Sight settings in your Amazon Web Services account.
Updates the permissions for an action connector by granting or revoking access for specific users and groups. You can control who can view, use, or manage the action connector.
Updates the permissions for an action connector by granting or revoking access for specific users and groups. You can control who can view, use, or manage the action connector.
Updates an existing action connector with new configuration details, authentication settings, or enabled actions. You can modify the connector's name, description, authentication configuration, and which actions are enabled. For more information, https://docs.aws.amazon.com/quicksuite/latest/userguide/quick-action-auth.html.
Updates an existing action connector with new configuration details, authentication settings, or enabled actions. You can modify the connector's name, description, authentication configuration, and which actions are enabled. For more information, https://docs.aws.amazon.com/quicksuite/latest/userguide/quick-action-auth.html.
Updates the read and write permissions for an analysis.
Updates the read and write permissions for an analysis.
Updates an analysis in Amazon Quick Sight
Updates an analysis in Amazon Quick Sight
Updates an Quick application with a token exchange grant. This operation only supports Quick applications that are registered with IAM Identity Center.
Updates an Quick application with a token exchange grant. This operation only supports Quick applications that are registered with IAM Identity Center.
Updates a brand assignment.
Updates a brand assignment.
Updates the published version of a brand.
Updates the published version of a brand.
Updates a brand.
Updates a brand.
Updates a custom permissions profile.
Updates a custom permissions profile.
Updates the linked analyses on a dashboard.
Updates the linked analyses on a dashboard.
Updates read and write permissions on a dashboard.
Updates read and write permissions on a dashboard.
Updates the published version of a dashboard.
Updates the published version of a dashboard.
Updates a dashboard in an Amazon Web Services account. Updating a Dashboard creates a new dashboard version but does not immediately publish the new version. You can update the published version of a dashboard by using the UpdateDashboardPublishedVersion API operation.
Updates a dashboard in an Amazon Web Services account. Updating a Dashboard creates a new dashboard version but does not immediately publish the new version. You can update the published version of a dashboard by using the UpdateDashboardPublishedVersion API operation.
Updates a Dashboard QA configuration.
Updates a Dashboard QA configuration.
Updates the permissions on a dataset. The permissions resource is arn:aws:quicksight:region:aws-account-id:dataset/data-set-id.
Updates the permissions on a dataset. The permissions resource is arn:aws:quicksight:region:aws-account-id:dataset/data-set-id.
Updates a dataset. This operation doesn't support datasets that include uploaded files as a source. Partial updates are not supported by this operation.
Updates a dataset. This operation doesn't support datasets that include uploaded files as a source. Partial updates are not supported by this operation.
Updates the permissions to a data source.
Updates the permissions to a data source.
Updates a data source.
Updates a data source.
Updates a Amazon Q Business application that is linked to a Quick Sight account.
Updates a Amazon Q Business application that is linked to a Quick Sight account.
Updates permissions against principals on a flow.
Updates permissions against principals on a flow.
Updates permissions of a folder.
Updates permissions of a folder.
Updates the name of a folder.
Updates the name of a folder.
Changes a group description.
Changes a group description.
Updates an existing IAM policy assignment. This operation updates only the optional parameter or parameters that are specified in the request. This overwrites all of the users included in Identities.
Updates an existing IAM policy assignment. This operation updates only the optional parameter or parameters that are specified in the request. This overwrites all of the users included in Identities.
Adds or updates services and authorized targets to configure what the Quick Sight IAM Identity Center application can access. This operation is only supported for Quick Sight accounts using IAM Identity Center
Adds or updates services and authorized targets to configure what the Quick Sight IAM Identity Center application can access. This operation is only supported for Quick Sight accounts using IAM Identity Center
Updates the content and status of IP rules. Traffic from a source is allowed when the source satisfies either the IpRestrictionRule, VpcIdRestrictionRule, or VpcEndpointIdRestrictionRule. To use this operation, you must provide the entire map of rules. You can use the DescribeIpRestriction operation to get the current rule map.
Updates the content and status of IP rules. Traffic from a source is allowed when the source satisfies either the IpRestrictionRule, VpcIdRestrictionRule, or VpcEndpointIdRestrictionRule. To use this operation, you must provide the entire map of rules. You can use the DescribeIpRestriction operation to get the current rule map.
Updates a customer managed key in a Quick Sight account.
Updates a customer managed key in a Quick Sight account.
This API controls public sharing settings for your entire Quick Sight account, affecting data security and access. When you enable public sharing: Dashboards can be shared publicly This setting affects your entire Amazon Web Services account and all Quick Sight users Before proceeding: Ensure you understand the security implications and have proper IAM permissions configured. Use the UpdatePublicSharingSettings operation to turn on or turn off the public sharing settings of an Amazon Quick Sight dashboard. To use this operation, turn on session capacity pricing for your Amazon Quick Sight account. Before you can turn on public sharing on your account, make sure to give public sharing permissions to an administrative user in the Identity and Access Management (IAM) console. For more information on using IAM with Amazon Quick Sight, see Using Quick with IAM in the Amazon Quick Sight User Guide.
This API controls public sharing settings for your entire Quick Sight account, affecting data security and access. When you enable public sharing: Dashboards can be shared publicly This setting affects your entire Amazon Web Services account and all Quick Sight users Before proceeding: Ensure you understand the security implications and have proper IAM permissions configured. Use the UpdatePublicSharingSettings operation to turn on or turn off the public sharing settings of an Amazon Quick Sight dashboard. To use this operation, turn on session capacity pricing for your Amazon Quick Sight account. Before you can turn on public sharing on your account, make sure to give public sharing permissions to an administrative user in the Identity and Access Management (IAM) console. For more information on using IAM with Amazon Quick Sight, see Using Quick with IAM in the Amazon Quick Sight User Guide.
Updates a personalization configuration.
Updates a personalization configuration.
Updates the state of a Quick Sight Q Search configuration.
Updates the state of a Quick Sight Q Search configuration.
Updates a refresh schedule for a dataset.
Updates a refresh schedule for a dataset.
Updates the custom permissions that are associated with a role.
Updates the custom permissions that are associated with a role.
Updates the SPICE capacity configuration for a Quick Sight account.
Updates the SPICE capacity configuration for a Quick Sight account.
Updates the self-upgrade configuration for a Quick account.
Updates the self-upgrade configuration for a Quick account.
Updates a self-upgrade request for a Quick user by approving, denying, or verifying the request.
Updates a self-upgrade request for a Quick user by approving, denying, or verifying the request.
Updates the template alias of a template.
Updates the template alias of a template.
Updates the resource permissions for a template.
Updates the resource permissions for a template.
Updates a template from an existing Amazon Quick Sight analysis or another template.
Updates a template from an existing Amazon Quick Sight analysis or another template.
Updates an alias of a theme.
Updates an alias of a theme.
Updates the resource permissions for a theme. Permissions apply to the action to grant or revoke permissions on, for example "quicksight:DescribeTheme". Theme permissions apply in groupings. Valid groupings include the following for the three levels of permissions, which are user, owner, or no permissions: User "quicksight:DescribeTheme" "quicksight:DescribeThemeAlias" "quicksight:ListThemeAliases" "quicksight:ListThemeVersions" Owner "quicksight:DescribeTheme" "quicksight:DescribeThemeAlias" "quicksight:ListThemeAliases" "quicksight:ListThemeVersions" "quicksight:DeleteTheme" "quicksight:UpdateTheme" "quicksight:CreateThemeAlias" "quicksight:DeleteThemeAlias" "quicksight:UpdateThemeAlias" "quicksight:UpdateThemePermissions" "quicksight:DescribeThemePermissions" To specify no permissions, omit the permissions list.
Updates the resource permissions for a theme. Permissions apply to the action to grant or revoke permissions on, for example "quicksight:DescribeTheme". Theme permissions apply in groupings. Valid groupings include the following for the three levels of permissions, which are user, owner, or no permissions: User "quicksight:DescribeTheme" "quicksight:DescribeThemeAlias" "quicksight:ListThemeAliases" "quicksight:ListThemeVersions" Owner "quicksight:DescribeTheme" "quicksight:DescribeThemeAlias" "quicksight:ListThemeAliases" "quicksight:ListThemeVersions" "quicksight:DeleteTheme" "quicksight:UpdateTheme" "quicksight:CreateThemeAlias" "quicksight:DeleteThemeAlias" "quicksight:UpdateThemeAlias" "quicksight:UpdateThemePermissions" "quicksight:DescribeThemePermissions" To specify no permissions, omit the permissions list.
Updates a theme.
Updates a theme.
Updates the permissions of a topic.
Updates the permissions of a topic.
Updates a topic refresh schedule.
Updates a topic refresh schedule.
Updates a topic.
Updates a topic.
Updates a custom permissions profile for a user.
Updates a custom permissions profile for a user.
Updates an Amazon Quick Sight user.
Updates an Amazon Quick Sight user.
Updates a VPC connection.
Updates a VPC connection.