Skip to main content

User Guide

Create a Connection to Trino

You can use Trino as a data source with Privitar Data Security Platform​.

To connect to Trino, you must:

  1. Meet the Trino Connection Prerequisites

  2. Build a Trino Connection String

  3. Authenticate to Trino

Meet the Trino Connection Prerequisites

Before you connect to Trino, you must:

  1. Have a system user that is able to authenticate to Trino using a username and password and has read access to the relevant databases and tables

  2. Have access to the SSL certificate used to encrypt the connection (or the relevant certificate authority certificates)

If your Secure Sockets Layer (SSL) source uses privately-signed server certificates, you must modify the truststore of your data plane in order to trust the server certificates as follows:

  1. Obtain the SSL certificate from the data source.

  2. Convert the SSL certificate to a JKS truststore.

  3. Copy the truststore into the shared/truststores/ location of your data plane configuration mounted volume (the volume used to store JDBC drivers).

    Note

    You will need to refer to this truststore when configuring the SSL JDBC properties. By default, the truststore is mounted on /config/shared/truststores/truststore.jks.

    The mounted volume's directory structure should look similar to the following:

    ├─shared/
| └── jdbc-drivers/
|      └── trino-422.jar
| └── truststores/
|      └── truststore.jks  
├─data-agent
| └── EMPTY
├── data-proxy
| └── EMPTY

  4. Download the JDBC JAR driver that you will use to connect to the data source.

  5. Place the JDBC JAR driver into the shared/jdbc-drivers/ location of your data plane configuration mounted volume (the volume used to store JDBC drivers).

For example, the SSL settings for Trino might look like the following:

jdbc:trino://example.net:443/hive/?user=test&password=secret&SSL=true;sslTrustStore=/config/shared/truststores/truststore.jks;trustStorePassword=changeit
Build a Trino Connection String

The following is an example of a complete Trino connection string:

jdbc:trino://example.net:8080/hive/

To build a Trino connection string, follow this example. Note that it has the following segments:

jdbc:trino://${host}:<port>/<catalog>/

If you have configured to use SSL in the previous section, the SSL settings for Trino might look like the following:

jdbc:trino://example.net:443/hive/?user=test&password=secret&SSL=true;sslTrustStore=/config/shared/truststores/truststore.jks;trustStorePassword=changeit

The following table includes a description of each segment.

Table 4. Trino Connection String

String Segment

Description

host

The Trino hosting node. Required.

port

The port that Trino listens to. The default port number is 443. Required.

catalog

The name of the database catalog. Required.



Authenticate to Trino

The Privitar Data Security Platform​ currently supports username/password authentication for Trino.

Enter the system user's Trino credentials in the Username and Password fields on the platform's Connections page.

In this section: