CreateIAMPolicyAssignment - Amazon QuickSight
Request SyntaxURI Request ParametersRequest BodyResponse SyntaxResponse ElementsErrorsSee Also

CreateIAMPolicyAssignment

Creates an assignment with one specified IAM policy, identified by its Amazon Resource Name (ARN). This policy assignment is attached to the specified groups or users of Amazon QuickSight. Assignment names are unique per AWS account. To avoid overwriting rules in other namespaces, use assignment names that are unique.

Request Syntax

POST /accounts/AwsAccountId/namespaces/Namespace/iam-policy-assignments/ HTTP/1.1
Content-type: application/json

{
   "AssignmentName": "string",
   "AssignmentStatus": "string",
   "Identities": { 
      "string" : [ "string" ]
   },
   "PolicyArn": "string"
}

URI Request Parameters

The request uses the following URI parameters.

AwsAccountId

The ID of the AWS account where you want to assign an IAM policy to Amazon QuickSight users or groups.

Length Constraints: Fixed length of 12.

Pattern: ^[0-9]{12}$

Required: Yes

Namespace

The namespace that contains the assignment.

Length Constraints: Maximum length of 64.

Pattern: ^[a-zA-Z0-9._-]*$

Required: Yes

Request Body

The request accepts the following data in JSON format.

AssignmentName

The name of the assignment, also called a rule. The name must be unique within the AWS account.

Type: String

Length Constraints: Minimum length of 1.

Pattern: (?=^.{2,256}$)(?!.*\s)[0-9a-zA-Z-_.:=+@]*$

Required: Yes

AssignmentStatus

The status of the assignment. Possible values are as follows:

  • ENABLED - Anything specified in this assignment is used when creating the data source.

  • DISABLED - This assignment isn't used when creating the data source.

  • DRAFT - This assignment is an unfinished draft and isn't used when creating the data source.

Type: String

Valid Values: ENABLED | DRAFT | DISABLED

Required: Yes

Identities

The Amazon QuickSight users, groups, or both that you want to assign the policy to.

Type: String to array of strings map

Length Constraints: Minimum length of 1.

Pattern: [\u0020-\u00FF]+

Required: No

PolicyArn

The ARN for the IAM policy to apply to the Amazon QuickSight users and groups specified in this assignment.

Type: String

Required: No

Response Syntax

HTTP/1.1 Status
Content-type: application/json

{
   "AssignmentId": "string",
   "AssignmentName": "string",
   "AssignmentStatus": "string",
   "Identities": { 
      "string" : [ "string" ]
   },
   "PolicyArn": "string",
   "RequestId": "string"
}

Response Elements

If the action is successful, the service sends back the following HTTP response.

Status

The HTTP status of the request.

The following data is returned in JSON format by the service.

AssignmentId

The ID for the assignment.

Type: String

AssignmentName

The name of the assignment. The name must be unique within the AWS account.

Type: String

Length Constraints: Minimum length of 1.

Pattern: (?=^.{2,256}$)(?!.*\s)[0-9a-zA-Z-_.:=+@]*$

AssignmentStatus

The status of the assignment. Possible values are as follows:

  • ENABLED - Anything specified in this assignment is used when creating the data source.

  • DISABLED - This assignment isn't used when creating the data source.

  • DRAFT - This assignment is an unfinished draft and isn't used when creating the data source.

Type: String

Valid Values: ENABLED | DRAFT | DISABLED

Identities

The Amazon QuickSight users, groups, or both that the IAM policy is assigned to.

Type: String to array of strings map

Length Constraints: Minimum length of 1.

Pattern: [\u0020-\u00FF]+

PolicyArn

The ARN for the IAM policy that is applied to the Amazon QuickSight users and groups specified in this assignment.

Type: String

RequestId

The AWS request ID for this operation.

Type: String

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You don't have access to this item. The provided credentials couldn't be validated. You might not be authorized to carry out the request. Make sure that your account is authorized to use the Amazon QuickSight service, that your policies have the correct permissions, and that you are using the correct credentials.

HTTP Status Code: 401

ConcurrentUpdatingException

A resource is already in a state that indicates an operation is happening that must complete before a new update can be applied.

HTTP Status Code: 500

InternalFailureException

An internal failure occurred.

HTTP Status Code: 500

InvalidParameterValueException

One or more parameters has a value that isn't valid.

HTTP Status Code: 400

ResourceExistsException

The resource specified already exists.

HTTP Status Code: 409

ResourceNotFoundException

One or more resources can't be found.

HTTP Status Code: 404

ThrottlingException

Access is throttled.

HTTP Status Code: 429

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: