AWS Timestream query editor cross-account

0

Hi everyone. Is this true? AWS Timestream does not support direct cross-account querying from one Timestream query editor to another. To query Timestream tables across different AWS accounts, you would typically set up an intermediary like AWS Lambda. The Lambda function can be triggered to run the query in account A and then return the results to account B.

asked 9 months ago, 255 views
1 Answer
1
Accepted Answer

Yes, it is true. AWS Timestream does not support direct cross-account querying from one Timestream query editor to another. To query Timestream tables across different AWS accounts, you can set up an intermediary, such as AWS Lambda. The Lambda function can be triggered to run the query in one account (Account A) and then return the results to another account (Account B). This approach helps to bridge the gap between accounts and allows for cross-account data access.

Implementation Steps

Set Up AWS Lambda in Account A:

Create a Lambda function that runs the query on the Timestream table in Account A. Ensure the Lambda function has the necessary permissions to query Timestream.

Set Up AWS Lambda Invocation in Account B:

Create a trigger (e.g., API Gateway, CloudWatch Events) in Account B to invoke the Lambda function in Account A. Ensure proper cross-account IAM roles and permissions are set up for invoking the Lambda function across accounts.

Return and Process Results:

The Lambda function in Account A executes the query and returns the results. The results can be processed and used as needed in Account B.

Example Lambda Function (Python)

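import json

import boto3

def lambda_handler(event, context):
    client = boto3.client('timestream-query')

    # Fixed query text: nothing from the caller's event is placed in the query string.
    query = "SELECT * FROM my_database.my_table"

    # Query results are paginated, so follow NextToken until every page is read.
    rows, columns = [], []
    for page in client.get_paginator('query').paginate(QueryString=query):
        columns = page['ColumnInfo']
        rows.extend(page['Rows'])

    return {
        'statusCode': 200,
        'body': json.dumps({'ColumnInfo': columns, 'Rows': rows})
    }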
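
IAM Role in Account A

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "timestream:DescribeEndpoints",
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "timestream:Select",
      "Resource": "arn:aws:timestream:region:account-id:database/my_database/table/my_table"
    }
  ]
}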

IAM Role in Account B

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "lambda:InvokeFunction",
      "Resource": "arn:aws:lambda:region:account-id:function:function-name"
    }
  ]
}

Conclusion

By using an intermediary like AWS Lambda, you can effectively query Timestream tables across different AWS accounts, overcoming the limitation of direct cross-account querying in AWS Timestream.

answered 9 months ago
EXPERT
reviewed 9 months ago
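The cross-account invocation step from the answer above, as an added example that is not part of the original answer: Account A attaches a resource-based permission to the function, and Account B invokes it by full ARN and unpacks the Timestream result. The function names, the statement id and the stub client are hypothetical; the clients passed in are assumed to be boto3 Lambda clients, and only scalar columns are decoded.

```python
import json

def grant_invoke(lambda_client, function_name, principal):
    """Run in Account A: add a resource-based policy statement so the
    Account B principal may invoke the function. The identity policy in
    Account B is not enough on its own for a cross-account call."""
    return lambda_client.add_permission(
        FunctionName=function_name,
        StatementId="AllowAccountBInvoke",  # hypothetical statement id
        Action="lambda:InvokeFunction",
        Principal=principal,                # Account B account id
    )

def query_via_lambda(lambda_client, function_arn):
    """Run in Account B: invoke the Account A function by its full ARN and
    return the Timestream rows as a list of dicts keyed by column name."""
    resp = lambda_client.invoke(FunctionName=function_arn,
                                InvocationType="RequestResponse")
    payload = json.loads(resp["Payload"].read())
    # Invoke reports success even when the handler raised; check FunctionError.
    if resp.get("FunctionError"):
        raise RuntimeError(f"remote handler failed: {payload.get('errorMessage')}")
    if payload.get("statusCode") != 200:
        raise RuntimeError(f"unexpected status: {payload.get('statusCode')}")
    result = json.loads(payload["body"])
    names = [col["Name"] for col in result["ColumnInfo"]]
    # NULL cells carry NullValue instead of ScalarValue and decode to None.
    return [
        {name: cell.get("ScalarValue") for name, cell in zip(names, row["Data"])}
        for row in result["Rows"]
    ]

if __name__ == "__main__":
    import io

    # Constructed sample: a stand-in client returning one row, so this runs offline.
    class _Stub:
        def invoke(self, **kwargs):
            body = json.dumps({"ColumnInfo": [{"Name": "host"}],
                               "Rows": [{"Data": [{"ScalarValue": "web-1"}]}]})
            wrapped = json.dumps({"statusCode": 200, "body": body})
            return {"Payload": io.BytesIO(wrapped.encode())}

    print(query_via_lambda(_Stub(), "arn:aws:lambda:region:account-id:function:function-name"))
```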
