This article provides a python code which utilizes boto3 Application Programming Interfaces (API’s) to programmatically obtain the list of Amazon QuickSight datasets and users who have access to those datasets.
Our customers often reach out to us seeking guidance in finding the owners or users who have access to datasets for all of the datasets present in their account. This is a difficult task to be performed in the console as it may require manual effort. In order to make this task easier, I have developed a python code which provides the list of all Amazon QuickSight datasets along with the user Amazon Resource Names (ARNs) of users who have access to these datasets.
Please see below:
import boto3
import pandas as pd
# Specify your AWS credentials and region
aws_access_key_id = 'enter_aws_access_key_id_here'
aws_secret_access_key = 'enter_aws_secret_access_key_id_here'
aws_region = 'us-east-1'
# Create a QuickSight client
quicksight_client = boto3.client('quicksight', region_name=aws_region,
aws_access_key_id=aws_access_key_id,
aws_secret_access_key=aws_secret_access_key)
# Initialize the QuickSight client
quicksight_client = boto3.client('quicksight')
# Owner permissions as specified
OWNER_PERMISSIONS = [
'quicksight:UpdateDataSetPermissions',
'quicksight:DescribeDataSet',
'quicksight:DescribeDataSetPermissions',
'quicksight:PassDataSet',
'quicksight:DescribeIngestion',
'quicksight:ListIngestions',
'quicksight:UpdateDataSet',
'quicksight:DeleteDataSet',
'quicksight:CreateIngestion',
'quicksight:CancelIngestion'
]
def list_all_datasets(account_id):
paginator = quicksight_client.get_paginator('list_data_sets')
datasets = []
for page in paginator.paginate(AwsAccountId=account_id):
datasets.extend(page.get('DataSetSummaries', []))
return datasets
def get_dataset_permissions(account_id, dataset_id):
response = quicksight_client.describe_data_set_permissions(
AwsAccountId=account_id,
DataSetId=dataset_id
)
return response.get('Permissions', [])
def has_owner_permissions(actions):
return set(OWNER_PERMISSIONS).issubset(set(actions))
def main():
account_id = 'account_id' # Replace with your actual AWS account ID
datasets = list_all_datasets(account_id)
result = []
for dataset in datasets:
dataset_id = dataset['DataSetId']
dataset_name = dataset['Name']
dataset_arn = dataset['Arn']
permissions = get_dataset_permissions(account_id, dataset_id)
for perm in permissions:
user_arn = perm['Principal']
user_permissions = perm['Actions']
if has_owner_permissions(user_permissions):
result.append({
'Dataset Name': dataset_name,
'Dataset ARN': dataset_arn,
'User ARN': user_arn
# 'Permissions': ', '.join(user_permissions) include only if you want to see the permissions
})
# Create a DataFrame for output
#df = pd.DataFrame(result, columns=["Dataset Name", "Dataset ARN", "User ARN", "Permissions"]) use this only if you want to see the permissions
df = pd.DataFrame(result, columns=["Dataset Name", "Dataset ARN", "User ARN"])
df
#Export DataFrame to an Excel file
df.to_excel('quicksight_datasets_permissions.xlsx', index=False)
print("Exported the dataset permissions to 'quicksight_datasets_permissions.xlsx'")
if __name__ == "__main__":
main()
NOTE: The above code has package dependencies such as pandas and openpyxl.
The output will provide all the Amazon QuickSight datasets and users who have access to those datasets along with the permissions in a table format. In order to make it easy for viewing, the code will save the result as an Excel file in the local machine.
NOTE: AWS Support does not provide code support or code development support. This is an example of how API’s can be made useful for automating certain tasks. The customers can modify the code in order to get desired output.
Please feel free to reach out to me if you have any questions.
Author & Company Bio
Mahaswin Ramalingam Balaji is a Cloud Support Engineer-II at AWS and a certified Subject Matter Expert in QuickSight. Mahaswin is interested in Data visualization, Data engineering and in enhancing the features of QuickSight.
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud, offering over 200 fully featured services from data centers globally. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—are using AWS to lower costs, become more agile, and innovate faster.