Skip to main content

Privacera Documentation

Connect Trino Open Source to Privacera Platform via plugin

Learn how you can use Privacera Manager to generate the setup script and Trino custom configuration for SSL to install Privacera Plugin in an open-source Trino environment.

Privacera Trino supports Trino Open Source with the following catalogs:

  • Hive

  • PostgreSQL DB

  • Redshift

Prerequisites
  • A working Trino environment

  • Privacera services must be up and running.

Procedure
  1. SSH to the instance as USER.

  2. Run the following commands:

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.trino.opensource.yml config/custom-vars/
    vi config/custom-vars/vars.trino.opensource.yml
  3. Edit the following properties. For property details and descriptions, see Table 46, “Trino Open Source Properties.

    TRINO_STANDALONE_ENABLE: "true"
    TRINO_USER_HOME: "<PLEASE_CHANGE>"
    TRINO_INSTALL_DIR_NAME: "<PLEASE_CHANGE>"
  4. Run the following commands:

    cd ~/privacera/privacera-manager
    ./privacera-manager.sh update

    After the update is complete, the setup script (privacera_trino_setup.sh) and Trino custom configurations (privacera_trino_plugin_conf.zip) for SSL will be generated at the path, cd ~/privacera/privacera-manager/output/trino-opensource/.

  5. In your Trino environment, do the following:

    1. Copy privacera_trino_setup.sh and privacera_trino_plugin_conf.zip. Both the files should be placed under the same folder.

    2. Add permissions to execute the script.

      chmod +x privacera_trino_setup.sh
    3. Run the script to install the Privacera plugin in your Trino environment.

      ./privacera_trino_setup.sh

Trino Open Source properties

Table 46. Trino Open Source Properties

Property

Description

Example

TRINO_OPENSOURCE_ENABLETRINO_OPENSOURCE_ENABLE

Property to enable/disable Trino.

true

TRINO_USER_HOME

Property to set the path to the Trino home directory.

/home/ec2-user

TRINO_INSTALL_DIR_NAME

Property to set the path to the directoy where Trino is installed.

/etc/trino

TRINO_RANGER_SERVICE_REPO

Property to indicate Trino Ranger policy.

privacera_trino

TRINO_AUDITS_URL_EXTERNAL

Solr audit URL or audit server URL.

http://10.100.10.10:8983/solr/ranger_audits

TRINO_RANGER_EXTERNAL_URL

This is a Ranger Admin URL.

/etc/trino

XAAUDIT.SOLR.ENABLE

Enable/Disable solr audit. Set the value to true to enable solr audit.

true

TRINO_HIVE_POLICY_AUTHZ_ENABLED

Enable/Disable Hive policy authorization for the Hive catalog.Set the value to true to use Hive policies to authorize hive catalog queries.

true

TRINO_HIVE_POLICY_REPO_CATALOG_MAPPING

Indicates Hive policy repository and Hive catalog mapping.

Use the following format:

{hive_policy_repo-1}:{comma_separated_hive_catalogs};{hive_policy_repo-2}:{comma_separated_hive_catalogs}

privacera_hive:hiveprivacera_hive:hivecatalog1,

TRINO_RANGER_AUTH_ENABLED

Set the value to true to disable authorization for show catalog query.

true



Migrating from PrestoSQL to Trino

To migrate your existing policies from PrestoSQL to Trino, see Migrate from PrestoSQL to Trino.