Run Trino CLI¶

This section explains how to validate your Trino setup by running a basic sample query using the Trino CLI.

1. Verify Pod Status Check the status of the coordinator and worker pods

   Bash
   1	kubectl get pods -n <TRINO_NAMESPACE>

   Ensure both coordinator and worker pods show Running status before proceeding.

2. Access the coordinator pod

   Bash
   1	kubectl exec -it <COORDINATOR_POD_NAME> -n <TRINO_NAMESPACE> -- /bin/bash

3. Start the Trino CLI using the following command

   Bash
   1	trino

4. After entering the Trino CLI, execute a basic query to validate access management.
   The following example demonstrates creating a schema:

   SQL
   1	CREATE SCHEMA IF NOT EXISTS <schema_name>;

   To allow the user to access an S3 path, you need to configure a policy in Privacera Portal with the following steps:
   1. Navigate to the Privacera Portal.
   2. Go to Access Management → Resourrce Policies.
   3. Select the privacera_hive service.
   4. Click Add New Policy (or edit an existing policy, if applicable).

   The following is an example policy configuration

   Sample Resource Policy:

   • Policy Name: <name of the policy>
   • Hive Database: <schema_name>
   • Permissions: <create>
   • User/Group/Role: <assign your user/group/role>

Expected Behavior¶

The query execution will demonstrate access control enforcement:

• If the user has the required permissions: The query executes successfully and the schema is created.