Rotate the System API Key

When you register the Trino connection, Immuta generates an API key for you to add to your Immuta access control properties file for API authentication between Starburst (Trino) and Immuta. You can rotate this shared secret to mitigate potential security risks and comply with your organizational policies.

Cluster restart required

To update your API key in Starburst (Trino), you must shut down your cluster, generate and update the API key, and then restart your cluster. If you do not shut down your cluster, generating a new API key using the endpoint below will cause downtime for your deployment.

Disable your Starburst (Trino) cluster.
Copy the request example below and replace these values:
- Replace the Immuta URL with your own and the API key with your own user API key.
- Replace the following parameters:
  - name parameter with the unique name of the Trino API key you want to regenerate.
  - connectionKey parameter of the Trino connection associated with the API key.
```
curl -X 'POST' \
  'https://your.immuta.url.com/apikey/system' \
  -H 'accept: application/json' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: api-key' \
  -d '{
  "name": "trino-connection-1",
  "scopes": ["plugin:trino"],
  "connectionKey": "connection-abc123",
  "regenerate": true
  }'
```
Once you make this request, your old Immuta API key will be deleted and will no longer be valid.
The response includes your new Immuta API key. Replace the old immuta.apikey value in the Immuta access control properties file with this new key.
Enable your Starburst (Trino) cluster.

Error responses

400: Connection key not found, scopes invalid, or a key with the same name exists for a different connection or scope.

PreviousRegister a Trino Connection NextConfigure Starburst (Trino) Integration

Last updated 5 hours ago

Was this helpful?

hashtagError responses

Error responses