StartDashboardSnapshotJob
Starts an asynchronous job that generates a snapshot of a dashboard's output. You can request one or several of the following format configurations in each API call.
-
1 Paginated PDF
-
1 Excel workbook that includes up to 5 table or pivot table visuals
-
5 CSVs from table or pivot table visuals
The status of a submitted job can be polled with the DescribeDashboardSnapshotJob API. When you call the DescribeDashboardSnapshotJob API, check the JobStatus field in the response. Once the job reaches a COMPLETED or FAILED status, use the DescribeDashboardSnapshotJobResult API to obtain the URLs for the generated files. If the job fails, the DescribeDashboardSnapshotJobResult API returns detailed information about the error that occurred.
StartDashboardSnapshotJob API throttling
Quick Sight utilizes API throttling to create a more consistent user experience within a time span for customers when they call the StartDashboardSnapshotJob. By default, 12 jobs can run simlutaneously in one AWS account and users can submit up 10 API requests per second before an account is throttled. If an overwhelming number of API requests are made by the same user in a short period of time, Quick Sight throttles the API calls to maintin an optimal experience and reliability for all Quick Sight users.
Common throttling scenarios
The following list provides information about the most commin throttling scenarios that can occur.
-
A large number of
SnapshotExportAPI jobs are running simultaneously on an AWS account. When a newStartDashboardSnapshotJobis created and there are already 12 jobs with theRUNNINGstatus, the new job request fails and returns aLimitExceededExceptionerror. Wait for a current job to comlpete before you resubmit the new job. -
A large number of API requests are submitted on an AWS account. When a user makes more than 10 API calls to the Quick Sight API in one second, a
ThrottlingExceptionis returned.
If your use case requires a higher throttling limit, contact your account admin or AWSSupport
Best practices to handle throttling
If your use case projects high levels of API traffic, try to reduce the degree of frequency and parallelism of API calls as much as you can to avoid throttling. You can also perform a timing test to calculate an estimate for the total processing time of your projected load that stays within the throttling limits of the Quick Sight APIs. For example, if your projected traffic is 100 snapshot jobs before 12:00 PM per day, start 12 jobs in parallel and measure the amount of time it takes to proccess all 12 jobs. Once you obtain the result, multiply the duration by 9, for example (12 minutes * 9 = 108 minutes). Use the new result to determine the latest time at which the jobs need to be started to meet your target deadline.
The time that it takes to process a job can be impacted by the following factors:
-
The dataset type (Direct Query or SPICE).
-
The size of the dataset.
-
The complexity of the calculated fields that are used in the dashboard.
-
The number of visuals that are on a sheet.
-
The types of visuals that are on the sheet.
-
The number of formats and snapshots that are requested in the job configuration.
-
The size of the generated snapshots.
Registered user support
You can generate snapshots for registered Quick Sight users by using the Snapshot Job APIs with identity-enhanced IAM role session credentials. This approach allows you to create snapshots on behalf of specific Quick Sight users while respecting their row-level security (RLS), column-level security (CLS), dynamic default parameters and dashboard parameter/filter settings.
To generate snapshots for registered Quick Sight users, you need to:
-
Obtain identity-enhanced IAM role session credentials from AWS Security Token Service (STS).
-
Use these credentials to call the Snapshot Job APIs.
Identity-enhanced credentials are credentials that contain information about the end user (e.g., registered Quick Sight user).
If your Quick Sight users are backed by AWS Identity Center, then you need to set up a trusted token issuer. Then, getting identity-enhanced IAM credentials for a Quick Sight user will look like the following:
-
Authenticate user with your OIDC compliant Identity Provider. You should get auth tokens back.
-
Use the OIDC API, CreateTokenWithIAM, to exchange auth tokens to IAM tokens. One of the resulted tokens will be identity token.
-
Call STS AssumeRole API as you normally would, but provide an extra
ProvidedContextsparameter in the API request. The list of contexts must have a single trusted context assertion. TheProviderArnshould bearn:aws:iam::aws:contextProvider/IdentityCenterwhileContextAssertionwill be the identity token you received in response from CreateTokenWithIAM
For more details, see IdC documentation on Identity-enhanced IAM role sessions.
To obtain Identity-enhanced credentials for Quick Sight native users, IAM federated users, or Active Directory users, follow the steps below:
-
Call Quick Sight GetIdentityContext API to get identity token.
-
Call STS AssumeRole API as you normally would, but provide extra
ProvidedContextsparameter in the API request. The list of contexts must have a single trusted context assertion. TheProviderArnshould bearn:aws:iam::aws:contextProvider/QuickSightwhileContextAssertionwill be the identity token you received in response from GetIdentityContext
After obtaining the identity-enhanced IAM role session credentials, you can use them to start a job, describe the job and describe job result. You can use the same credentials as long as they haven't expired. All API requests made with these credentials are considered to be made by the impersonated Quick Sight user.
Important
When using identity-enhanced session credentials, set the UserConfiguration request attribute to null. Otherwise, the request will be invalid.
Possible error scenarios
The request fails with an Access Denied error in the following scenarios:
-
The credentials have expired.
-
The impersonated Quick Sight user doesn't have access to the specified dashboard.
-
The impersonated Quick Sight user is restricted from exporting data in the selected formats. For more information about export restrictions, see Customizing access to Amazon Quick Sight capabilities.
Request Syntax
POST /accounts/AwsAccountId/dashboards/DashboardId/snapshot-jobs HTTP/1.1
Content-type: application/json
{
"SnapshotConfiguration": {
"DestinationConfiguration": {
"S3Destinations": [
{
"BucketConfiguration": {
"BucketName": "string",
"BucketPrefix": "string",
"BucketRegion": "string"
}
}
]
},
"FileGroups": [
{
"Files": [
{
"FormatType": "string",
"SheetSelections": [
{
"SelectionScope": "string",
"SheetId": "string",
"VisualIds": [ "string" ]
}
]
}
]
}
],
"Parameters": {
"DateTimeParameters": [
{
"Name": "string",
"Values": [ number ]
}
],
"DecimalParameters": [
{
"Name": "string",
"Values": [ number ]
}
],
"IntegerParameters": [
{
"Name": "string",
"Values": [ number ]
}
],
"StringParameters": [
{
"Name": "string",
"Values": [ "string" ]
}
]
}
},
"SnapshotJobId": "string",
"UserConfiguration": {
"AnonymousUsers": [
{
"RowLevelPermissionTags": [
{
"Key": "string",
"Value": "string"
}
]
}
]
}
}URI Request Parameters
The request uses the following URI parameters.
- AwsAccountId
-
The ID of the AWS account that the dashboard snapshot job is executed in.
Length Constraints: Fixed length of 12.
Pattern:
^[0-9]{12}$Required: Yes
- DashboardId
-
The ID of the dashboard that you want to start a snapshot job for.
Length Constraints: Minimum length of 1. Maximum length of 512.
Pattern:
[\w\-]+Required: Yes
Request Body
The request accepts the following data in JSON format.
- SnapshotConfiguration
-
A structure that describes the configuration of the dashboard snapshot.
Type: SnapshotConfiguration object
Required: Yes
- SnapshotJobId
-
An ID for the dashboard snapshot job. This ID is unique to the dashboard while the job is running. This ID can be used to poll the status of a job with a
DescribeDashboardSnapshotJobwhile the job runs. You can reuse this ID for another job 24 hours after the current job is completed.Type: String
Length Constraints: Minimum length of 1. Maximum length of 512.
Pattern:
[\w\-]+Required: Yes
- UserConfiguration
-
A structure that contains information about the users that the dashboard snapshot is generated for. The users can be either anonymous users or registered users. Anonymous users cannot be used together with registered users.
Important
When using identity-enhanced session credentials, set the UserConfiguration request attribute to null. Otherwise, the request will be invalid.
Type: SnapshotUserConfiguration object
Required: No
Response Syntax
HTTP/1.1 Status
Content-type: application/json
{
"Arn": "string",
"RequestId": "string",
"SnapshotJobId": "string"
}Response Elements
If the action is successful, the service sends back the following HTTP response.
- Status
-
The HTTP status of the request
The following data is returned in JSON format by the service.
- Arn
-
The Amazon Resource Name (ARN) for the dashboard snapshot job.
Type: String
- RequestId
-
The AWS request ID for this operation.
Type: String
Pattern:
.*\S.* - SnapshotJobId
-
The ID of the job. The job ID is set when you start a new job with a
StartDashboardSnapshotJobAPI call.Type: String
Length Constraints: Minimum length of 1. Maximum length of 512.
Pattern:
[\w\-]+
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
You don't have access to this item. The provided credentials couldn't be validated. You might not be authorized to carry out the request. Make sure that your account is authorized to use the Amazon Quick Sight service, that your policies have the correct permissions, and that you are using the correct credentials.
- RequestId
-
The AWS request ID for this request.
HTTP Status Code: 401
- InternalFailureException
-
An internal failure occurred.
- RequestId
-
The AWS request ID for this request.
HTTP Status Code: 500
- InvalidParameterValueException
-
One or more parameters has a value that isn't valid.
- RequestId
-
The AWS request ID for this request.
HTTP Status Code: 400
- LimitExceededException
-
A limit is exceeded.
- RequestId
-
The AWS request ID for this request.
- ResourceType
-
Limit exceeded.
HTTP Status Code: 409
- ResourceExistsException
-
The resource specified already exists.
- RequestId
-
The AWS request ID for this request.
- ResourceType
-
The resource type for this request.
HTTP Status Code: 409
- ResourceNotFoundException
-
One or more resources can't be found.
- RequestId
-
The AWS request ID for this request.
- ResourceType
-
The resource type for this request.
HTTP Status Code: 404
- ThrottlingException
-
Access is throttled.
- RequestId
-
The AWS request ID for this request.
HTTP Status Code: 429
- UnsupportedPricingPlanException
-
This error indicates that you are calling an embedding operation in Amazon Quick Sight without the required pricing plan on your AWS account. Before you can use embedding for anonymous users, a Quick Suite administrator needs to add capacity pricing to Quick Sight. You can do this on the Manage Quick Suite page.
After capacity pricing is added, you can use the
GetDashboardEmbedUrlAPI operation with the--identity-type ANONYMOUSoption.- RequestId
-
The AWS request ID for this request.
HTTP Status Code: 403
- UnsupportedUserEditionException
-
This error indicates that you are calling an operation on an Amazon Quick Suite subscription where the edition doesn't include support for that operation. Amazon Quick Suite currently has Standard Edition and Enterprise Edition. Not every operation and capability is available in every edition.
- RequestId
-
The AWS request ID for this request.
HTTP Status Code: 403
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
