Set up Trino

Setting up Trino authentication enables Atlan to securely connect to your database and extract metadata. This process configures the necessary credentials and permissions for Atlan to discover and catalog your Trino assets. You probably need your Trino administrator to run these commands—you may not have access yourself.

Prerequisites

Before you begin, make sure you have:

• Administrative access to your Trino cluster or contact with your Trino administrator
• Access to Trino's configuration files for authentication setup
• HTTPS enabled for secure credential transmission

Set up authentication

Atlan supports two authentication methods for fetching metadata from Trino. Choose the method that best fits your organization's security requirements:

Basic authentication

Use Trino native authentication with username and password credentials.

1. Create a new user with password file authentication by following the steps in the official Trino documentation.

2. Grant read-only access to the user by following the steps in the official Trino documentation.

3. Add a list of catalogs you want to crawl to your rules.json file:

   {
     "catalogs": [
       {
         "user": "atlan",
         "catalog": "postgresql",
         "allow": "read-only"
       },
       {
         "user": "atlan",
         "catalog": "mysql",
         "allow": "read-only"
       }
     ]
   }

   • Replace atlan with your username and list the specific catalogs you want to crawl.

JWT authentication

Use JSON Web Token-based authentication for enhanced security and token-based access control.

1. Configure JWT authentication in your Trino cluster by following Trino's JWT authentication documentation. This includes:

   • Setting up a JWT signing key (RSA or HMAC)
   • Configuring Trino's authentication settings
   • Enabling JWT authentication in your Trino cluster

2. Configure access control for JWT-authenticated users by updating your rules.json file:

   {
     "catalogs": [
       {
         "user": "atlan-user",
         "catalog": "postgresql",
         "allow": "read-only"
       },
       {
         "user": "atlan-user", 
         "catalog": "mysql",
         "allow": "read-only"
       }
     ]
   }

   • Replace atlan-user with your JWT username and list the specific catalogs you want to crawl.

Troubleshooting

If you encounter authentication or permission issues during setup, see Troubleshooting Trino connectivity.

Next steps

• Crawl Trino: Set up and run the Trino crawler to import metadata into Atlan.