[ aws . iotsitewise ]



Creates a portal, which can contain projects and dashboards. IoT SiteWise Monitor uses Amazon Web Services SSO or IAM to authenticate portal users and manage user permissions.


Before you can sign in to a new portal, you must add at least one identity to that portal. For more information, see Adding or removing portal administrators in the IoT SiteWise User Guide .

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.


--portal-name <value>
[--portal-description <value>]
--portal-contact-email <value>
[--client-token <value>]
[--portal-logo-image-file <value>]
--role-arn <value>
[--tags <value>]
[--portal-auth-mode <value>]
[--notification-sender-email <value>]
[--alarms <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]


--portal-name (string)

A friendly name for the portal.

--portal-description (string)

A description for the portal.

--portal-contact-email (string)

The Amazon Web Services administrator’s contact email address.

--client-token (string)

A unique case-sensitive identifier that you can provide to ensure the idempotency of the request. Don’t reuse this client token if a new idempotent request is required.

--portal-logo-image-file (structure)

A logo image to display in the portal. Upload a square, high-resolution image. The image is displayed on a dark background.

data -> (blob)

The image file contents, represented as a base64-encoded string. The file size must be less than 1 MB.

type -> (string)

The file type of the image.

Shorthand Syntax:


JSON Syntax:

  "data": blob,
  "type": "PNG"

--role-arn (string)

The ARN of a service role that allows the portal’s users to access your IoT SiteWise resources on your behalf. For more information, see Using service roles for IoT SiteWise Monitor in the IoT SiteWise User Guide .

--tags (map)

A list of key-value pairs that contain metadata for the portal. For more information, see Tagging your IoT SiteWise resources in the IoT SiteWise User Guide .

key -> (string)

value -> (string)

Shorthand Syntax:


JSON Syntax:

{"string": "string"

--portal-auth-mode (string)

The service to use to authenticate users to the portal. Choose from the following options:

  • SSO – The portal uses Amazon Web Services Single Sign On to authenticate users and manage user permissions. Before you can create a portal that uses Amazon Web Services SSO, you must enable Amazon Web Services SSO. For more information, see Enabling Amazon Web Services SSO in the IoT SiteWise User Guide . This option is only available in Amazon Web Services Regions other than the China Regions.

  • IAM – The portal uses Identity and Access Management to authenticate users and manage user permissions.

You can’t change this value after you create a portal.

Default: SSO

Possible values:

  • IAM

  • SSO

--notification-sender-email (string)

The email address that sends alarm notifications.


If you use the IoT Events managed Lambda function to manage your emails, you must verify the sender email address in Amazon SES .

--alarms (structure)

Contains the configuration information of an alarm created in an IoT SiteWise Monitor portal. You can use the alarm to monitor an asset property and get notified when the asset property value is outside a specified range. For more information, see Monitoring with alarms in the IoT SiteWise Application Guide .

alarmRoleArn -> (string)

The ARN of the IAM role that allows the alarm to perform actions and access Amazon Web Services resources and services, such as IoT Events.

notificationLambdaArn -> (string)

The ARN of the Lambda function that manages alarm notifications. For more information, see Managing alarm notifications in the IoT Events Developer Guide .

Shorthand Syntax:


JSON Syntax:

  "alarmRoleArn": "string",
  "notificationLambdaArn": "string"

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See ‘aws help’ for descriptions of global parameters.


To create a portal

The following create-portal example creates a web portal for a wind farm company. You can create portals only in the same Region where you enabled AWS Single Sign-On.

aws iotsitewise create-portal \
    --portal-name WindFarmPortal \
    --portal-description "A portal that contains wind farm projects for Example Corp." \
    --portal-contact-email support@example.com \
    --role-arn arn:aws:iam::123456789012:role/service-role/MySiteWiseMonitorServiceRole


    "portalId": "a1b2c3d4-5678-90ab-cdef-aaaaaEXAMPLE",
    "portalArn": "arn:aws:iotsitewise:us-west-2:123456789012:portal/a1b2c3d4-5678-90ab-cdef-aaaaaEXAMPLE",
    "portalStartUrl": "https://a1b2c3d4-5678-90ab-cdef-aaaaaEXAMPLE.app.iotsitewise.aws",
    "portalStatus": {
        "state": "CREATING"
    "ssoApplicationId": "ins-a1b2c3d4-EXAMPLE"

For more information, see Getting started with AWS IoT SiteWise Monitor in the AWS IoT SiteWise User Guide and Enabling AWS SSO in the AWS IoT SiteWise User Guide..


portalId -> (string)

The ID of the created portal.

portalArn -> (string)

The ARN of the portal, which has the following format.


portalStartUrl -> (string)

The URL for the IoT SiteWise Monitor portal. You can use this URL to access portals that use Amazon Web Services SSO for authentication. For portals that use IAM for authentication, you must use the IoT SiteWise console to get a URL that you can use to access the portal.

portalStatus -> (structure)

The status of the portal, which contains a state (CREATING after successfully calling this operation) and any error message.

state -> (string)

The current state of the portal.

error -> (structure)

Contains associated error information, if any.

code -> (string)

The error code.

message -> (string)

The error message.

ssoApplicationId -> (string)

The associated Amazon Web Services SSO application ID, if the portal uses Amazon Web Services SSO.