Enable Dynamic Trino
Audience: System Administrators
Content Summary: This page details how to install the Native Dynamic Trino (previously PrestoSQL) access pattern. Native Trino is only available with certain licenses, please see your Immuta representative for more information. Native Dynamic Trino in Immuta is only compatible with Trino (previously PrestoSQL); PrestoDB is not supported.
1 - Enable Native Trino
- Click the App Settings icon in the left sidebar.
Click Enable in the Presto/Trino SQL Integration section.
The catalog configuration displayed in this section will need to be written out on all Trino nodes (/etc/trino/config/catalog/immuta.properties).
2 - Install Dynamic Trino Plugin
Best Practice: Immuta Archives Access Required
A user with access to Immuta's Archives site is required to conduct the download in this step. Credentials to access the site can be obtained by visiting the Immuta Download Site and logging in with your Immuta Accounts credentials. At the very bottom of the page is an All Archives section with a here link that will take you directly to the archives site with your account credentials already applied.
Download the Trino plugin (
immuta-trino.zip) from Immuta's Archives site. Select a tab below for links to specific plugin files:
Follow Trino's documentation to install the plugin:
- Create this directory:
immuta-trino.zipto the directory.
- Create this directory:
Install the Immuta Trino plugin on all Trino nodes within your cluster.
3 - Create an
Follow Trino's documentation to create this catalog directory:
To configure the Immuta connector, mount the Immuta connector as the Immuta catalog: Create an
immuta.propertiesfile with the following contents, replacing the connection properties with your Trino Cluster Configuration displayed on the App Settings page:
connector.name=immuta immuta.endpoint=https://your-immuta-url.com/ immuta.apikey=<your-api-key>
Best Practice: Trino Database Structure
The top level is set based on the name of the catalog properties files in the
Use the name
immuta.properties for this file, which will result in a Trino catalog named “immuta.”
4 - Configure Event Listener on Your Cluster
- Create an
event-listener.propertiesfile in this directory:
/etc/trino/. For more details, see Trino's Event Listener documentation.
Copy the Event Listener Configuration items from the App Settings page and paste it in the
5 - Configure Trino to Block Access
Best Practice: Give Users
read-only Access to Immuta Catalog
read-only access to the Immuta catalog. This will prevent users from describing the views, which in
turn prevents them from seeing secrets involved in some masking policies.
Follow Trino's System Access Control documentation to configure Trino to block access to any catalog that is not Immuta so that all user access has policies enacted on it.