How to share dashboard with anyone on the internet with CDK?

Gunar · September 1, 2023, 11:28am

Follow up from https://community.amazonquicksight.com/t/how-to-share-dashboard-with-everyone-in-account-with-cdk/15702:

How can I enable share with anyone on the internet with CDK?
I tried using the same permissions as Granting anyone on the internet access to an Amazon QuickSight dashboard using the QuickSight API - Amazon QuickSight but I am getting weird errors both when trying to use CDK or AWS CLI:

CDK:



            {
                principal : "arn:aws:quicksight:::publicAnonymousUser/*",
                actions: [
                    "quicksight:DescribeDashboard",
                    "quicksight:QueryDashboard",
                    "quicksight:ListDashboardVersions",
                ]
            }

Invalid request provided: Principal arn:aws:quicksight:::publicAnonymousUser/* is part of a different account (Service: QuickSight, Status Code: 400

AWS CLI:

aws quicksight update-dashboard-permissions --aws-account-id 019057418625 --dashboard-id apt-dashboard --grant-link-permissions 'Principal="arn:aws:quicksight:::publicAnonymousUser/*", Actions="quicksight:DescribeDashboard, quicksight:QueryDashboard, quicksight:ListDashboardVersions"'

An error occurred (InvalidParameterValueException) when calling the UpdateDashboardPermissions operation: ResourcePermission list contains unsupported permission sets [quicksight:DescribeDashboard, quicksight:QueryDashboard, quicksight:ListDashboardVersions] for this resource. Valid sets : [quicksight:DescribeDashboard, quicksight:ListDashboardVersions, quicksight:UpdateDashboardPermissions, quicksight:QueryDashboard, quicksight:UpdateDashboard, quicksight:DeleteDashboard, quicksight:UpdateDashboardPublishedVersion, quicksight:DescribeDashboardPermissions], or [quicksight:DescribeDashboard, quicksight:QueryDashboard, quicksight:ListDashboardVersions]

Looks bugged to me.
Note that I have enabled session pricing and public sharing in my account

andres007 · September 1, 2023, 12:21pm

Hello @Gunar,

I have tried and I am getting the same error which does not make much sense to be honest.

I would recommend filing a case with AWS Support where we can dive into the details so that we can help you further. Here are the steps to open a support case. If your company has someone who manages your AWS account, you might not have direct access to AWS Support and will need to raise an internal ticket to your IT team or whomever manages your AWS account. They should be able to open an AWS Support case on your behalf. Hope this helps!

Kind regards,
Andres.