Complete a 3 Question Survey and Earn a re:Post Badge

Help improve AWS Support Official channel in re:Post and share your experience - complete a quick three-question survey to earn a re:Post badge!

How do I use images from a private Amazon S3 bucket on a QuickSight dashboard?

4 minute read

I want to use images from a private Amazon Simple Storage Service (Amazon S3) bucket on an Amazon QuickSight dashboard.

Resolution

To use images from a private Amazon S3 bucket on QuickSight dashboards or reports, use either the AWS Lambda API or the Amazon CloudFront console.

Lambda API

To use the Lambda API, create a Lambda function, and then create an Amazon API Gateway trigger.

Create a Lambda function

Complete the following steps:

Open the Amazon S3 console.
In the navigation pane, choose Buckets, and then select your bucket.
Choose Upload.
Upload the image to the bucket in .jpg format.

Run the following command to create an Lambda function:

import boto3
import base64

def lambda_handler(event, context):
    s3 = boto3.client("s3")
    downloaded_s3_object = s3.get_object(Bucket="<S3 BUCKET NAME>", Key="<Image.jpg>")
    return base64.b64encode(downloaded_s3_object["Body"].read())

Note: Replace S3 BUCKET NAME and downloaded_s3_object with your information. The Lambda AWS Identity and Access Management (IAM) role must have the permission to get objects from the S3 bucket. For the Lambda function, set Runtime to Python 3.9.

Choose Deploy.

Create an API Gateway trigger

Complete the following steps:

Open the API Gateway console.
In the navigation pane, choose APIs, and then choose Create API.
Under REST API, choose Build.
On the Create REST API page, under API details, choose New API, and then enter the following information:
Enter a name for your API, and then choose Create API.
(Optional) Enter a description for your API.
For API endpoint type, select Regional. Then, choose Create API.
On the Resources page, under Methods, choose Create method.
On the Create method page, enter the following information:
For Method type, choose GET.
For Integration type, choose Lambda function.
For Lambda function, choose the AWS Region and your Lambda function.
Choose Create method.
On the Resources page, under Method request settings, choose Edit.
On the Edit method request page, under HTTP request headers, choose Add header.
For Name, enter Content-Type, and then choose Save.
On the Resources page, under Integration response, choose Edit.
Under Response details, for Content handling, choose Convert to binary, and then choose Save.
Deploy your API.
Note: For more information, see Setting up a stage using the API Gateway console.
On the Stages page, under Stage details, note the invoke URL, for example https://1a2bc3d456.execute-api.region.amazonaws.com/test.
Open the QuickSight console.
In the navigation pane, choose Analyses, and then select the analyses that you want to add the image to.
On the Visuals menu, choose Custom visual content.
Choose Customize visual.
In the Properties pane, under Customize content, enter the invoke URL.
Turn on the Show as image option, and then choose Apply.

The API Gateway returns a base64 string of the image. The QuickSight insight editor uses the API's URL to display the Image.

CloudFront console

Complete the following steps:

Open the CloudFront console.
In the navigation pane, choose Distributions, and then choose Create distribution.
On the Create distribution page, enter the following information:
For Origin domain, enter your origin's domain name.
For Origin access, choose Origin access control settings (recommended).
For Origin access control, choose Create new OAC, and then choose Create.
Under Web Application Firewall (WAF), select Do not enable security protections.
Choose Create distribution.
On the Distribution details page, note the distribution domain name, for example, d2icdkfpjckhwg.cloufront.net.
In the "The S3 bucket policy needs to be updated" message, choose Copy policy.
Open the Amazon S3 console.
Under General purpose buckets, select the bucket that hosts the content in the origin domain.
On the Bucket details page, under Permissions, choose Edit.
Enter the policy, and then choose Save changes.
On the Bucket details page, under Objects, select the object.
On the Object details page, note the S3 URI, for example s3://your-bucket-name/your_image.png.
On a new browser tab, enter the S3 URI, for example d2icdkfpjckhwg.cloufront.net/your_image.png.
On the QuickSight dashboard, under Properties, enter the custom URI in the Visual section.
Choose APPLY.

Topics

Analytics Machine Learning & AI

Relevant content

QuickSight Dashboard Image Display Issues with S3 Bucket Integration
Almaz
asked a year ago
Getting images from private s3 bucket and display it on the website
ttclw
asked 2 years ago
Systems Manager inventory data in a resource-synced centralized bucket: Looking for useful Athena or QuickSight example queries or visualizations to create useful reports and dashboards from the data.
Accepted Answer
rePost-User-2335362
asked 2 years ago
Within Quicksight, is there a way to visualize real time data from an S3 bucket
Accepted Answer
AWS-User-7013741
asked 5 years ago
How to access S3 bucket(private) objects from application hosted in Elastic Beanstalk.
shikha
asked a year ago
How do I retrieve a Docker image from a private repository and use it in an Elastic Beanstalk Docker platform?
AWS OFFICIALUpdated 2 years ago
How do I set up cross-account access from Amazon QuickSight to an Amazon S3 bucket in another account?
AWS OFFICIALUpdated a year ago
How can I create a private connection from Amazon QuickSight to an Amazon Redshift cluster or an Amazon RDS DB instance that's in a private subnet?
AWS OFFICIALUpdated a year ago
How do I allow Amazon QuickSight access to an S3 bucket with a deny policy?
AWS OFFICIALUpdated 2 years ago
Transform AWS Backup Data into Visual Insights with Amazon QuickSight
EXPERT
Durgesh
published 3 months ago