Programmatically obtaining the list of Amazon Quicksight dashboards and users who have access to those dashboards
Mahaswin Ramalingam Balaji, Cloud Support Engineer
Use Case and Problem
This article provides a python code which utilizes boto3 Application Programming Interfaces (APIs) to programmatically obtain the list of Amazon Quicksight dashboards and users who have access to those dashboards.
How to Solve the Problem
Most often our customers reach out to us seeking guidance in finding the owners or users who have access to dashboards for all of the dashboards present in their account. This is a difficult task to be performed in the console as it may require manual effort. In order to make this task easy, I have developed a python code which provides the list of all Amazon QuickSight dashboards along with the user Amazon Resource Names (ARNs) of users who have access to these dashboards.
Please see below:
import boto3
# Specify your AWS credentials and region
aws_access_key_id = 'enter_aws_access_key_id_here'
aws_secret_access_key = 'enter_aws_secret_access_key_here'
aws_region = 'us-east-1'
# Create a QuickSight client
quicksight_client = boto3.client('quicksight', region_name=aws_region,
aws_access_key_id=aws_access_key_id,
aws_secret_access_key=aws_secret_access_key)
# Initialize the QuickSight client
quicksight_client = boto3.client('quicksight')
def list_all_dashboards(account_id):
paginator = quicksight_client.get_paginator('list_dashboards')
dashboards = []
for page in paginator.paginate(AwsAccountId=account_id):
dashboards.extend(page.get('DashboardSummaryList', []))
return dashboards
def get_dashboard_permissions(account_id, dashboard_id):
response = quicksight_client.describe_dashboard_permissions(
AwsAccountId=account_id,
DashboardId=dashboard_id
)
return response.get('Permissions', [])
def main():
account_id = 'enter_account_id_here' # Replace with your actual AWS account ID
dashboards = list_all_dashboards(account_id)
result = []
for dashboard in dashboards:
dashboard_id = dashboard['DashboardId']
dashboard_name = dashboard['Name']
dashboard_arn = dashboard['Arn']
permissions = get_dashboard_permissions(account_id, dashboard_id)
user_arns = [perm['Principal'] for perm in permissions]
result.append({
'Dashboard Name': dashboard_name,
'Dashboard ARN': dashboard_arn,
'User ARNs': user_arns
})
for item in result:
print(f"Dashboard Name: {item['Dashboard Name']}")
print(f"Dashboard ARN: {item['Dashboard ARN']}")
print(f"Users with access: {', '.join(item['User ARNs'])}")
print('-' * 60)
if __name__ == "__main__":
main()
Sample output:
Dashboard Name: Sample student
Dashboard ARN: arn:aws:quicksight:us-east-1:959:dashboard/153d423a-b888-40e0-9fb2-e89eb85a2696
Users with access: arn:aws:quicksight:us-east-1:959:user/default/quick, arn:aws:quicksight:us-east-1:959:user/default/Admin
The output will list all the dashboards and users who have access to those dashboards in the above format one below the other.
NOTE: AWS Support does not provide code support or code development support. This is an example of how API’s can be made useful for automating certain tasks. The customers can modify the code in order to get desired output.
Conclusion
The code provided in the article explained how boto3 API’s can be used to automate manual task of obtaining the list of Amazon QuickSight dashboards and users who have access to those dashboards.
Author & Company Bio
Mahaswin Ramalingam Balaji is a Cloud Support Engineer-II at AWS and a certified Subject Matter Expert in QuickSight. Mahaswin is interested in Data visualization, Data engineering and in enhancing the features of QuickSight.
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud, offering over 200 fully featured services from data centers globally. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—are using AWS to lower costs, become more agile, and innovate faster.