Starburst Enterprise


Achieving enterprise-grade security with Starburst Enterprise

Starburst Enterprise Security Guide

End-to-end data encryption and authentication

Encrypting User Access

Connected clients can use ODBC or JDBC drivers and other supported drivers. All connections can use TLS and therefore transfer encrypted data only.

Authenticating Users

Starburst Enterprise enables authentication through the industry standard LDAP protocol. Starburst Enterprise also provides alternative authentication options including password with local user database, certificate, JWT, OAuth2 and Kerberos.

Securing Internal Communication

Full end-to-end encryption of internal traffic between cluster nodes is possible for highly secure environments. Securing internal communication ensures that intermediate data exchanged inside Starburst Enterprise during query processing is encrypted in transit.

Securing Connectors

Starburst Enterprise provides secured access to your data source depends on the particular connector and the source system capabilities. Specifically, Starburst provides end-user impersonation and credential passthrough through credentials of Identity Provider (IdP), Kerberos, and password.

Securing Sensitive Data

To better be in compliance with data security regulations, Starburst Enterprise provides the ability to securely authenticate to sensitive data in various data sources without having to store the plaintext passwords and usernames in the configuration files.

Fine-grained access control

Starburst Enterprise provides global access control over all connected data sources. This allows fine-grained control, including column and row level policy enforcement as well as column level data masking.

Global access control uses open source Apache Ranger to provide an user interface to detail access control including:

Catalog, schema, and table-level control

Column-level control

Row-Level security

Data masking

Detailed security auditing

Event logging

Starburst Enterprise offers the ability to log each query in great detail to a remote database. From here, this data can be queried with Starburst Enterprise or pulled into an existing event logging system.

Compliance – With event logging functionality, Starburst Enterprise enables a full, GDPR level audit trail. This allows tracking access to all data sources submitted to Starburst Enterprise.

Chargeback – Starburst Enterprise tracks users, queries, RAM and CPU resources used for processing, which can be used for chargeback.

Performance Tuning – The data collected for each query includes resource utilization, which enables resource usage per query and can be used to determine queries, users and data sources where performance tuning might be considered. This can be accessed in Starburst Insight.

Starburst Insight

Insights provides a graphical interface to view query history. Users can easily search and view queries that were executed on the cluster at any given time. In addition, detailed statistics are available for each query. Starburst Insights provides a visual overview of important metrics about your Starburst Enterprise cluster for all types of users, from platform administrators to data consumers.

Learn more about Starburst Insight


Starburst Enterprise features integration with Apache Atlas, a framework for the governance of data and metadata assets.


Get started with Starburst


Install anywhere

Starburst includes everything you need to install and run Trino on a single machine, a cluster of machines, or even your laptop.

Download Free

Marketplace offerings

Try Starburst in your preferred marketplace


Start Free with
Starburst Galaxy

Up to $500 in usage credits included

  • Query your data lake fast with Starburst's best-in-class MPP SQL query engine
  • Get up and running in less than 5 minutes
  • Easily deploy clusters in AWS, Azure and Google Cloud
For more deployment options:
Download Starburst Enterprise

Please fill in all required fields and ensure you are using a valid email address.