in Administrative_Dashboard/lambda_functions/group_initiation/group_initiation.py [0:0]
def lambda_handler(event, context):
group = str(event['detail']['requestParameters']['groupName'])
arn="arn:aws:quicksight:us-east-1:"+account_id+":group/default/"+group
print("group arn is: "+arn)
aws_region = str(event['detail']['awsRegion'])
if "Marketing" in group:
ids = get_dashboard_ids("Marketing Dashboard", qs_client, account_id)
try:
response = qs_client.update_dashboard_permissions(
AwsAccountId=account_id,
DashboardId=ids[0],
GrantPermissions=[
{
'Principal': arn,
'Actions': ['quicksight:DescribeDashboard',
'quicksight:ListDashboardVersions',
'quicksight:QueryDashboard']
},
]
)
except Exception as e:
print(e)
if "HR" in group:
ids=get_dashboard_ids("HR Dashboard", qs_client, account_id)
try:
response = qs_client.update_dashboard_permissions(
AwsAccountId=account_id,
DashboardId=ids[0],
GrantPermissions=[
{
'Principal': arn,
'Actions':['quicksight:DescribeDashboard',
'quicksight:ListDashboardVersions',
'quicksight:QueryDashboard']
},
]
)
except Exception as e:
print (e)
if "BI-Developer" in group or "BI-Admin" in group:
datasets = list_datasets(account_id)
datasources = list_data_sources(account_id)
dashboards = list_dashboards(account_id)
for datasource in datasources:
datasourceid=datasource['DataSourceId']
try:
response = qs_client.update_data_source_permissions(
AwsAccountId=account_id,
DataSourceId=datasourceid,
GrantPermissions=[
{
'Principal': arn,
'Actions':["quicksight:DescribeDataSource",
"quicksight:DescribeDataSourcePermissions",
"quicksight:PassDataSource",
"quicksight:UpdateDataSource",
"quicksight:DeleteDataSource",
"quicksight:UpdateDataSourcePermissions"]
},
]
)
except Exception as e:
print (e)
for dataset in datasets:
datasetid=dataset['DataSetId']
try:
response = qs_client.update_data_set_permissions(
AwsAccountId=account_id,
DataSetId=datasetid,
GrantPermissions=[
{
'Principal': arn,
'Actions':['quicksight:UpdateDataSetPermissions',
'quicksight:DescribeDataSet',
'quicksight:DescribeDataSetPermissions',
'quicksight:PassDataSet',
'quicksight:DescribeIngestion',
'quicksight:ListIngestions',
'quicksight:UpdateDataSet',
'quicksight:DeleteDataSet',
'quicksight:CreateIngestion',
'quicksight:CancelIngestion']
},
]
)
except Exception as e:
print (e)
for dashboard in dashboards:
dashboardid=dashboard['DashboardId']
try:
response = qs_client.update_dashboard_permissions(
AwsAccountId=account_id,
DashboardId=dashboardid,
GrantPermissions=[
{
'Principal': arn,
'Actions':['quicksight:DescribeDashboard',
'quicksight:ListDashboardVersions',
'quicksight:UpdateDashboardPermissions',
'quicksight:QueryDashboard',
'quicksight:UpdateDashboard',
'quicksight:DeleteDashboard',
'quicksight:DescribeDashboardPermissions',
'quicksight:UpdateDashboardPublishedVersion']
},
]
)
except Exception as e:
print (e)