[ aws . iotsitewise ]

create-portal

Description

Creates a portal, which can contain projects and dashboards. IoT SiteWise Monitor uses IAM Identity Center or IAM to authenticate portal users and manage user permissions.

Note

Before you can sign in to a new portal, you must add at least one identity to that portal. For more information, see Adding or removing portal administrators in the IoT SiteWise User Guide .

See also: AWS API Documentation

Synopsis

  create-portal
--portal-name <value>
[--portal-description <value>]
--portal-contact-email <value>
[--client-token <value>]
[--portal-logo-image-file <value>]
--role-arn <value>
[--tags <value>]
[--portal-auth-mode <value>]
[--notification-sender-email <value>]
[--alarms <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]
[--cli-binary-format <value>]
[--no-cli-pager]
[--cli-auto-prompt]
[--no-cli-auto-prompt]

Options

--portal-name (string)

A friendly name for the portal.

--portal-description (string)

A description for the portal.

--portal-contact-email (string)

The Amazon Web Services administrator’s contact email address.

--client-token (string)

A unique case-sensitive identifier that you can provide to ensure the idempotency of the request. Don’t reuse this client token if a new idempotent request is required.

--portal-logo-image-file (structure)

A logo image to display in the portal. Upload a square, high-resolution image. The image is displayed on a dark background.

data -> (blob)

The image file contents, represented as a base64-encoded string. The file size must be less than 1 MB.

type -> (string)

The file type of the image.

Shorthand Syntax:

data=blob,type=string

JSON Syntax:

{
  "data": blob,
  "type": "PNG"
}

--role-arn (string)

The ARN of a service role that allows the portal’s users to access your IoT SiteWise resources on your behalf. For more information, see Using service roles for IoT SiteWise Monitor in the IoT SiteWise User Guide .

--tags (map)

A list of key-value pairs that contain metadata for the portal. For more information, see Tagging your IoT SiteWise resources in the IoT SiteWise User Guide .

key -> (string)

value -> (string)

Shorthand Syntax:

KeyName1=string,KeyName2=string

JSON Syntax:

{"string": "string"
  ...}

--portal-auth-mode (string)

The service to use to authenticate users to the portal. Choose from the following options:

  • SSO – The portal uses IAM Identity Center (successor to Single Sign-On) to authenticate users and manage user permissions. Before you can create a portal that uses IAM Identity Center, you must enable IAM Identity Center. For more information, see Enabling IAM Identity Center in the IoT SiteWise User Guide . This option is only available in Amazon Web Services Regions other than the China Regions.

  • IAM – The portal uses Identity and Access Management to authenticate users and manage user permissions.

You can’t change this value after you create a portal.

Default: SSO

Possible values:

  • IAM

  • SSO

--notification-sender-email (string)

The email address that sends alarm notifications.

Warning

If you use the IoT Events managed Lambda function to manage your emails, you must verify the sender email address in Amazon SES .

--alarms (structure)

Contains the configuration information of an alarm created in an IoT SiteWise Monitor portal. You can use the alarm to monitor an asset property and get notified when the asset property value is outside a specified range. For more information, see Monitoring with alarms in the IoT SiteWise Application Guide .

alarmRoleArn -> (string)

The ARN of the IAM role that allows the alarm to perform actions and access Amazon Web Services resources and services, such as IoT Events.

notificationLambdaArn -> (string)

The ARN of the Lambda function that manages alarm notifications. For more information, see Managing alarm notifications in the IoT Events Developer Guide .

Shorthand Syntax:

alarmRoleArn=string,notificationLambdaArn=string

JSON Syntax:

{
  "alarmRoleArn": "string",
  "notificationLambdaArn": "string"
}

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command. The generated JSON skeleton is not stable between versions of the AWS CLI and there are no backwards compatibility guarantees in the JSON skeleton generated.

Global Options

--debug (boolean)

Turn on debug logging.

--endpoint-url (string)

Override command’s default URL with the given URL.

--no-verify-ssl (boolean)

By default, the AWS CLI uses SSL when communicating with AWS services. For each SSL connection, the AWS CLI will verify SSL certificates. This option overrides the default behavior of verifying SSL certificates.

--no-paginate (boolean)

Disable automatic pagination.

--output (string)

The formatting style for command output.

  • json

  • text

  • table

  • yaml

  • yaml-stream

--query (string)

A JMESPath query to use in filtering the response data.

--profile (string)

Use a specific profile from your credential file.

--region (string)

The region to use. Overrides config/env settings.

--version (string)

Display the version of this tool.

--color (string)

Turn on/off color output.

  • on

  • off

  • auto

--no-sign-request (boolean)

Do not sign requests. Credentials will not be loaded if this argument is provided.

--ca-bundle (string)

The CA certificate bundle to use when verifying SSL certificates. Overrides config/env settings.

--cli-read-timeout (int)

The maximum socket read time in seconds. If the value is set to 0, the socket read will be blocking and not timeout. The default value is 60 seconds.

--cli-connect-timeout (int)

The maximum socket connect time in seconds. If the value is set to 0, the socket connect will be blocking and not timeout. The default value is 60 seconds.

--cli-binary-format (string)

The formatting style to be used for binary blobs. The default format is base64. The base64 format expects binary blobs to be provided as a base64 encoded string. The raw-in-base64-out format preserves compatibility with AWS CLI V1 behavior and binary values must be passed literally. When providing contents from a file that map to a binary blob fileb:// will always be treated as binary and use the file contents directly regardless of the cli-binary-format setting. When using file:// the file contents will need to properly formatted for the configured cli-binary-format.

  • base64

  • raw-in-base64-out

--no-cli-pager (boolean)

Disable cli pager for output.

--cli-auto-prompt (boolean)

Automatically prompt for CLI input parameters.

--no-cli-auto-prompt (boolean)

Disable automatically prompt for CLI input parameters.

Examples

Note

To use the following examples, you must have the AWS CLI installed and configured. See the Getting started guide in the AWS CLI User Guide for more information.

Unless otherwise stated, all examples have unix-like quotation rules. These examples will need to be adapted to your terminal’s quoting rules. See Using quotation marks with strings in the AWS CLI User Guide .

To create a portal

The following create-portal example creates a web portal for a wind farm company. You can create portals only in the same Region where you enabled AWS Single Sign-On.

aws iotsitewise create-portal \
    --portal-name WindFarmPortal \
    --portal-description "A portal that contains wind farm projects for Example Corp." \
    --portal-contact-email support@example.com \
    --role-arn arn:aws:iam::123456789012:role/service-role/MySiteWiseMonitorServiceRole

Output:

{
    "portalId": "a1b2c3d4-5678-90ab-cdef-aaaaaEXAMPLE",
    "portalArn": "arn:aws:iotsitewise:us-west-2:123456789012:portal/a1b2c3d4-5678-90ab-cdef-aaaaaEXAMPLE",
    "portalStartUrl": "https://a1b2c3d4-5678-90ab-cdef-aaaaaEXAMPLE.app.iotsitewise.aws",
    "portalStatus": {
        "state": "CREATING"
    },
    "ssoApplicationId": "ins-a1b2c3d4-EXAMPLE"
}

For more information, see Getting started with AWS IoT SiteWise Monitor in the AWS IoT SiteWise User Guide and Enabling AWS SSO in the AWS IoT SiteWise User Guide..

Output

portalId -> (string)

The ID of the created portal.

portalArn -> (string)

The ARN of the portal, which has the following format.

arn:${Partition}:iotsitewise:${Region}:${Account}:portal/${PortalId}

portalStartUrl -> (string)

The URL for the IoT SiteWise Monitor portal. You can use this URL to access portals that use IAM Identity Center for authentication. For portals that use IAM for authentication, you must use the IoT SiteWise console to get a URL that you can use to access the portal.

portalStatus -> (structure)

The status of the portal, which contains a state (CREATING after successfully calling this operation) and any error message.

state -> (string)

The current state of the portal.

error -> (structure)

Contains associated error information, if any.

code -> (string)

The error code.

message -> (string)

The error message.

ssoApplicationId -> (string)

The associated IAM Identity Center application ID, if the portal uses IAM Identity Center.