AWS CLI Command Reference

[ aws . quicksight ]

generate-embed-url-for-anonymous-user

Description

Generates an embed URL that you can use to embed an Amazon QuickSight dashboard in your website, without having to register any reader users. Before you use this action, make sure that you have configured the dashboards and permissions.

The following rules apply to the generated URL:

  • It contains a temporary bearer token. It is valid for 5 minutes after it is generated. Once redeemed within this period, it cannot be re-used again.

  • The URL validity period should not be confused with the actual session lifetime that can be customized using the `` SessionLifetimeInMinutes `` parameter. The resulting user session is valid for 15 minutes (minimum) to 10 hours (maximum). The default session duration is 10 hours.

  • You are charged only when the URL is used or there is interaction with Amazon QuickSight.

For more information, see Embedded Analytics in the Amazon QuickSight User Guide .

For more information about the high-level steps for embedding and for an interactive demo of the ways you can customize embedding, visit the Amazon QuickSight Developer Portal .

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.

Synopsis

  generate-embed-url-for-anonymous-user
--aws-account-id <value>
[--session-lifetime-in-minutes <value>]
--namespace <value>
[--session-tags <value>]
--authorized-resource-arns <value>
--experience-configuration <value>
[--allowed-domains <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]

Options

--aws-account-id (string)

The ID for the Amazon Web Services account that contains the dashboard that you’re embedding.

--session-lifetime-in-minutes (long)

How many minutes the session is valid. The session lifetime must be in [15-600] minutes range.

--namespace (string)

The Amazon QuickSight namespace that the anonymous user virtually belongs to. If you are not using an Amazon QuickSight custom namespace, set this to default .

--session-tags (list)

The session tags used for row-level security. Before you use this parameter, make sure that you have configured the relevant datasets using the DataSet$RowLevelPermissionTagConfiguration parameter so that session tags can be used to provide row-level security.

These are not the tags used for the Amazon Web Services resource tagging feature. For more information, see Using Row-Level Security (RLS) with Tags in the Amazon QuickSight User Guide .

(structure)

The key-value pair used for the row-level security tags feature.

Key -> (string)

The key for the tag.

Value -> (string)

The value that you want to assign the tag.

Shorthand Syntax:

Key=string,Value=string ...

JSON Syntax:

[
  {
    "Key": "string",
    "Value": "string"
  }
  ...
]

--authorized-resource-arns (list)

The Amazon Resource Names (ARNs) for the Amazon QuickSight resources that the user is authorized to access during the lifetime of the session. If you choose Dashboard embedding experience, pass the list of dashboard ARNs in the account that you want the user to be able to view. Currently, you can pass up to 25 dashboard ARNs in each API call.

(string)

Syntax:

"string" "string" ...

--experience-configuration (structure)

The configuration of the experience that you are embedding.

Dashboard -> (structure)

The type of embedding experience. In this case, Amazon QuickSight dashboards.

InitialDashboardId -> (string)

The dashboard ID for the dashboard that you want the user to see first. This ID is included in the output URL. When the URL in response is accessed, Amazon QuickSight renders this dashboard.

The Amazon Resource Name (ARN) of this dashboard must be included in the AuthorizedResourceArns parameter. Otherwise, the request will fail with InvalidParameterValueException .

Shorthand Syntax:

Dashboard={InitialDashboardId=string}

JSON Syntax:

{
  "Dashboard": {
    "InitialDashboardId": "string"
  }
}

--allowed-domains (list)

The domains that you want to add to the allow list for access to the generated URL that is then embedded. This optional parameter overrides the static domains that are configured in the Manage QuickSight menu in the Amazon QuickSight console. Instead, it allows only the domains that you include in this parameter. You can list up to three domains or subdomains in each API call.

To include all subdomains under a specific domain to the allow list, use * . For example, https://*.sapp.amazon.com includes all subdomains under https://sapp.amazon.com .

(string)

Syntax:

"string" "string" ...

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command. The generated JSON skeleton is not stable between versions of the AWS CLI and there are no backwards compatibility guarantees in the JSON skeleton generated.

See ‘aws help’ for descriptions of global parameters.

Output

EmbedUrl -> (string)

The embed URL for the dashboard.

Status -> (integer)

The HTTP status of the request.

RequestId -> (string)

The Amazon Web Services request ID for this operation.

© Copyright 2018, Amazon Web Services. Created using Sphinx.