Amazon QuickSight Enhances Security and User Experience with Trusted Identity Propagation for Athena Direct Query
Seattle, WA – July 1, 2025 – Amazon Web Services (AWS) today announced the launch of Trusted Identity Propagation (TIP) for Amazon QuickSight, a significant advancement designed to bolster security and streamline the user experience when querying data directly from Amazon Athena. This new feature allows QuickSight to securely pass the end-user’s identity to Athena, enabling fine-grained access control directly within the data source.
Historically, when connecting QuickSight to Athena for direct query, the identity used to establish the connection to Athena was often a service role or a generic user. While this approach ensured connectivity, it presented challenges for implementing granular data access policies based on individual users. This meant that administrators had to manage access controls within QuickSight, which could become complex and prone to misconfiguration when dealing with diverse user groups and datasets.
Trusted Identity Propagation addresses this by enabling QuickSight to leverage the identity of the logged-in QuickSight user when executing queries against Athena. This seamless integration allows organizations to extend their existing data governance and security policies from their identity provider (such as AWS IAM Identity Center, formerly AWS SSO, or Okta) all the way down to the data layer in Athena.
Key Benefits of Trusted Identity Propagation:
- Enhanced Security and Granular Access Control: By propagating the user’s identity, organizations can now enforce row-level and column-level security policies directly within Athena. This means that users will only see the data they are authorized to access, based on the permissions defined in their identity provider and subsequently translated by Athena. This significantly reduces the risk of data exposure and ensures compliance with data governance standards.
- Simplified Administration: Trusted Identity Propagation reduces the burden on QuickSight administrators. Instead of managing complex security configurations within QuickSight dashboards and datasets, security policies can be centralized and managed at the identity provider and data source levels. This leads to a more efficient and less error-prone administration process.
- Improved User Experience: Users will experience a more intuitive and seamless workflow. They will automatically have access to the data relevant to their role without requiring manual intervention or separate authentication steps for data access. This leads to increased productivity and a more pleasant analytical experience.
- Direct Query Efficiency: As TIP is specifically for Athena Direct Query, it maintains the performance benefits of querying data directly from Athena, eliminating the need for data to be imported or processed by QuickSight itself for access control purposes.
How it Works:
When a user interacts with a QuickSight dashboard connected to an Athena data source configured with TIP, QuickSight securely obtains the user’s identity. This identity is then passed to Athena as part of the query execution request. Athena, in turn, can utilize this identity to apply predefined access control policies, such as Lake Formation permissions or custom SQL logic, to filter the data returned.
This launch represents a significant step forward in making QuickSight a more robust and secure business intelligence solution for organizations of all sizes. By enabling trusted identity propagation to Athena, AWS is empowering customers to build more secure, scalable, and user-friendly data analytics solutions.
For more information on Trusted Identity Propagation for Amazon QuickSight and Athena Direct Query, please refer to the official AWS documentation.
Amazon QuickSight launches Trusted Identity Propagation (TIP) for Athena Direct Query
AI has delivered the news.
The answer to the following question is obtained from Google Gemini.
Amazon published ‘Amazon QuickSight launches Trusted Identity Propagation (TIP) for Athena Direct Query’ at 2025-07-01 17:00. Please write a detailed article about this news in a polite tone with relevant information. Please reply in English with the article only.