From siloed data to unified insights: Cross-account Athena Access for Amazon Quick

2026-05-14 · Source: Artificial Intelligence · Field: Technology & Digital — Cloud Computing & IT Infrastructure, Data Science & Analytics, Artificial Intelligence & Machine Learning · Depth: Intermediate, long

Summary

Amazon Quick has introduced cross-account Athena access, enabling organizations to query data residing in multiple AWS accounts from a centralized Amazon Quick deployment. This feature utilizes AWS Identity and Access Management (IAM) role chaining, where a "RunAsRole" (Role A) in the central Quick account assumes a "Consumer Account Role" (Role B) in the data-owning account. This mechanism allows Amazon Quick to access data in Amazon S3 via Amazon Athena and the AWS Glue Data Catalog, with query costs automatically billed to the consumer account where the data resides. The solution supports various architectural patterns, including basic two-account setups, hub-and-spoke models for multiple business units, and data mesh configurations, ensuring data sovereignty and proper cost attribution without data replication or managing multiple Quick subscriptions.

Key takeaway

For AI Architects and Data Engineers managing distributed data lakes, this update simplifies cross-account data access for Amazon Quick. You can now centralize your BI operations while maintaining data governance and accurate cost attribution per business unit. Consider adopting the hub-and-spoke pattern and templatizing IAM role creation to efficiently scale your analytics across multiple consumer accounts.

Key insights

Cross-account Athena access unifies BI by enabling secure, cost-attributed querying of distributed data via IAM role chaining.

Principles

• Maintain data sovereignty.
• Attribute costs to data owner.
• Use role chaining for cross-account access.

Method

Configure two IAM roles: Role A in the central Quick account (RunAsRole) and Role B in each consumer account (Consumer Account Role). Quick assumes Role A, which then chains into Role B to execute Athena queries.

In practice

• Implement hub-and-spoke for multiple business units.
• Templatize consumer-side IAM setup for scale.
• Scope Role B permissions to specific resources.

Topics

• Cross-Account Data Access
• Amazon Quick
• Amazon Athena
• IAM Role Chaining
• AWS Multi-Account Strategy

Best for: AI Architect, Data Engineer, MLOps Engineer

Related on AIssential

• AI-powered BI with Snowflake and Amazon Quick — Centralizing business logic via semantic views at the data layer ensures consistent data interpretation across AI and BI tools.
• AWS Glue, S3, and Athena — a beginner’s real-world workflow — AWS S3, Glue, and Athena form a cohesive serverless pipeline for storing, understanding, and querying cloud data efficiently.
• Build an enterprise observability solution for Amazon Quick — A solution centralizes Amazon Quick operational data for comprehensive observability and natural language querying.
• Accelerate business insights with Lakeflow Connect, now with a Free Tier — Unifying enterprise data from disparate sources enhances AI agent capabilities by providing complete context.
• AI app development is rewriting the database market — Databases are evolving into active memory layers essential for AI-native and agentic application development.
• Introducing Cross-Engine ABAC — Unity Catalog's cross-engine ABAC centralizes fine-grained data access policy enforcement across diverse data engines via Iceberg REST Catalog APIs.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Artificial Intelligence.