Managing Lakehouse Catalog Access
Lakehouse Catalog Access is available only if the Lakehouse is enabled on your Saagie installation. This must have been enabled by your administrator during the configuration of the Saagie installer, saagiectl. They must have answered the prompt to use Lakehouse when configuring your cluster settings.
|
Creating a Lakehouse Catalog Access
-
Click
Security from the primary navigation menu.
By default, the
Users page opens, listing the existing user accounts. -
Click
Lakehouse from the secondary navigation menu.
The Lakehouse page opens, listing the existing Lakehouse Catalog Access. -
Click Create lakehouse catalog access to create a new lakehouse catalog access.
-
Enter the lakehouse catalog name.
-
Click Create access to confirm the access creation.
A message appears saying that your catalog access has been created.
The newly created Lakehouse Access appears in the list.
Roles on Lakehouse Catalogs
At least one role on a Lakehouse catalog is needed to access it. A role allows to list the catalogs, schemas, tables, columns, and to execute queries on them.
A role is defined by the following pattern: trino-catalog-catalog_name-<role> with <role> in read, write, or admin according to the needed access.
The specific role trino-admin allows to execute all SQL queries supported by Trino on all catalogs. We can’t create this role, but it’s set for the administrators group by default.
|
The following table lists the minimal role required to execute the corresponding command on a Lakehouse catalog:
| Command | Minimal Role on Catalog |
|---|---|
SHOW CATALOGS |
trino-catalog-catalog_name-read |
SHOW SCHEMAS |
trino-catalog-catalog_name-read |
SHOW TABLES |
trino-catalog-catalog_name-read |
SHOW COLUMNS |
trino-catalog-catalog_name-read |
SELECT * FROM table |
trino-catalog-catalog_name-read |
SELECT * FROM view |
trino-catalog-catalog_name-read |
INSERT INTO table … VALUES … |
trino-catalog-catalog_name-write |
DELETE FROM table WHERE … |
trino-catalog-catalog_name-write |
UPDATE table SET … WHERE … |
trino-catalog-catalog_name-write |
SHOW CREATE TABLE |
trino-catalog-catalog_name-admin |
CREATE SCHEMA |
trino-catalog-catalog_name-admin |
DROP SCHEMA |
trino-catalog-catalog_name-admin |
SHOW CREATE SCHEMA |
trino-catalog-catalog_name-admin |
ALTER SCHEMA … RENAME TO |
trino-catalog-catalog_name-admin |
ALTER SCHEMA … SET AUTHORIZATION |
trino-catalog-catalog_name-admin |
CREATE TABLE |
trino-catalog-catalog_name-admin |
DROP TABLE |
trino-catalog-catalog_name-admin |
ALTER TABLE … RENAME TO |
trino-catalog-catalog_name-admin |
ALTER TABLE … SET PROPERTIES |
trino-catalog-catalog_name-admin |
ALTER VIEW … RENAME TO |
trino-catalog-catalog_name-admin |
SHOW CREATE VIEW |
trino-catalog-catalog_name-admin |
CREATE VIEW |
trino-catalog-catalog_name-admin |
DROP VIEW |
trino-catalog-catalog_name-admin |
ALTER VIEW … RENAME TO |
trino-catalog-catalog_name-admin |
REFRESH MATERIALIZED VIEW |
trino-catalog-catalog_name-admin |
COMMENT ON TABLE |
trino-catalog-catalog_name-admin |
COMMENT ON COLUMN |
trino-catalog-catalog_name-admin |
ALTER TABLE … ADD COLUMN |
trino-catalog-catalog_name-admin |
ALTER TABLE … DROP COLUMN |
trino-catalog-catalog_name-admin |
ALTER TABLE … RENAME COLUMN |
trino-catalog-catalog_name-admin |
Others commands on a specific catalog |
trino-catalog-catalog_name-admin |
Manage catalogs |
trino-admin |