Skip to main content

Privacera Documentation

Connect Trino to PrivaceraCloud

This topic describes how to connect the Trino application, obtain account-specific scripts from your PrivaceraCloud account, and configure the Trino plug-In.

  1. Go to Settings > Applications.

  2. On the Applications screen, select Trino.

  3. Enter the application Name and Description, and then click Save.

    You can see Privacera Access Management and Data Discovery with toggle buttons.

    Note

    If you don't see Data Discovery in your application, enable it in Settings > Account > Discovery. For more information, see About the Account page on PrivaceraCloud

Enable Access Management for Trino

You only need to enable Privacera Access Management to start controlling access on Trino.

  1. Click the toggle button to enable the Privacera Access Management for your application.

    You will see this message: Save the setting to start controlling access on Trino.

  2. Click Save.

Enable Data Discovery for Trino

  1. Click the toggle button to enable Data Discovery for your application.

  2. On the BASIC tab, enter values in the following fields.

    • JDBC URL - jdbc:trino://<host>:<port>/<catalog>

      The following three databases can be added as catalog on Trino server:

      • MySQL

      • Oracle

      • PostgreSQL

    • JDBC Username 

    • JDBC Password

  3. On the ADVANCED tab, you can add custom properties.

  4. Using the IMPORT PROPERTIES button, you can browse and import application properties.

  5. Click the TEST CONNECTION button to check if the connection is successful, and then click Save.

    Note

    To add a resources using this connection as Discovery targets, see Privacera Discovery scan targets.

Deploy Privacera plug-in in Trino

Obtain installation script

Obtain the account unique <privacera-plugin-script-download-url>. This script and other commands run in your Trino command shell to complete the PrivaceraCloud installation.

  1. Go to Settings > API Key.

  2. Use an existing Active API Key or generate a new one.

  3. Click the info icon (i). The Api Key Info page appears.

  4. On the Plugins Setup Script, click the COPY URL button. Save this value on your Trino server. It is needed as the <privacera-plugin-script-download-url> in the next step.

Configure plug-in

  1. In the command shell on your Trino server, run the following commands:

    export PLUGIN_TYPE="trino"
  2. Configure Trino home folder.

    export TRINO_HOME_FOLDER="/opt/privacera/trino-server" 
    #saving privacera_plugin.sh
    wget <privacera-plugin-script-download-url> -O privacera_plugin.sh
  3. Change directory to where you saved privacera_plugin.sh

    chmod +x privacera_plugin.sh
    ./privacera_plugin.sh

    This completes the installation.

Validate Installation

In PrivaceraCloud, open Access Manager > Audit, and click the PLUGIN tab. Look for audit items reporting Plugin Id for Trino and the status "Policies synced to plugin. This indicates that your Trino resource is connected.

Trino supported SQL operations

For a complete list of supported SQL operations and their required permissions, see: