Immuta v2024.1 Release Notes
New end of support date
The end of support date for 2024.1 has been updated to July 31, 2024.
Immuta v2024.1.13
Immuta v2024.1.13 was released June 25, 2024.
Enhancement
Comply with column length and precision in a Snowflake masking policy: Snowflake is soon requiring the outputs of masked columns to comply with the length, scale, and precision of what the Snowflake columns require. To comply with this Snowflake behavior change, Immuta truncates the output values in masked columns to match the Snowflake column requirements so that users' queries continue to complete successfully.
Bug fix
Data sources were sometimes locked down and inaccessible to users after being registered in Immuta, even if no policies applied to them.
Immuta v2024.1.12
Immuta v2024.1.12 was released June 6, 2024.
Bug fix
Deleting and re-enabling a Redshift integration caused issues for data sources with custom schema/table names and formats.
Immuta v2024.1.11
Immuta v2024.1.11 was released May 31, 2024.
Bug fixes
- Users were unable to access Redshift data sources they had recently registered.
- Immuta was not escaping or encoding special backslash characters (
/
,\
) in usernames, which resulted in bad API requests.
Immuta v2024.1.10
Immuta v2024.1.10 was released May 22, 2024.
Bug fixes
- IAM integrations that had SCIM enabled did not support backslashes
\
in usernames. - UI performance improvements when subscription policies contain special variables (@host, @database, @schema, @table).
Immuta v2024.1.9
Immuta v2024.1.9 was released May 13, 2024.
Bug fixes
- If a subscription policy was built against user attributes it caused UI errors and performance issues.
- Performance improvements of subscription policies.
Immuta v2024.1.8
Immuta v2024.1.8 was released May 7, 2024.
Bug fixes
- The Unity Catalog integration configuration could not be saved if OAuth token passthrough was used as the authentication method.
- External user IDs failed to save if the username contained a psql slash command (
\e
,\t
,\q
, etc.).
Immuta v2024.1.7
Immuta v2024.1.7 was released April 26, 2024.
Bug fix
Immuta failed to connect to users' external metadata database.
Immuta v2024.1.6
Immuta v2024.1.6 was released April 10, 2024.
Bug fixes
- Long subscription policies caused out of memory errors.
- Users could not create or update integration configurations if they used Snowflake External OAuth.
- Users encountered out of memory errors when navigating to the project equalization page if their Immuta tenant had over 200,000 data sources, 400 subscription policies, 200 users, and 4 million tags.
- Performance improvements of native project workspaces.
Feature release March 25, 2024
Write policies for Starburst (Trino) (available in Immuta v2024.1 and newer as of March 25, 2024): In addition to read operations, Immuta's Starburst (Trino) integration now supports fine-grained access permissions for write operations. In its default setting, write operations control the authorization of SQL operations that perform data modification. Administrators can include more operations (such as ALTER and DROP tables) to be authorized as write operations through advanced configuration. Contact your customer success representative to learn more.
Immuta v2024.1.5
Immuta v2024.1.5 was released March 8, 2024.
Bug fix
Users who had access to many data sources encountered a 500 error when trying to view data sources on the data source or project pages.
Immuta v2024.1.4
Immuta v2024.1.4 was released February 28, 2024.
Bug fixes
Vulnerabilities addressed:
CVE-2023-5869
CVE-2024-0985
Immuta v2024.1.3
Immuta v2024.1.3 was released February 22, 2024.
Enhancement
Faster query performance with Snowflake memoizable functions: When a policy is applied to a column, Immuta now uses Snowflake memoizable functions to cache the result of common lookups in the policy encapsulated in the called function.
Subsequently, when users query a column with the applied policy, Immuta leverages the cached result, resulting in significant enhancements to query performance.
To enable support for memoizable functions, please contact your Immuta customer success representative.
Bug fix
Additional fixes to address the following issue: Any attempt to stage or remove automatic subscription policies resulted in revokes not going through to Databricks if there was a casing mismatch between the principal user from Databricks and the external username mapped to Immuta.
Immuta v2024.1.2
Immuta v2024.1.2 was released February 9, 2024.
Bug fix
Additional fixes to address an issue that prevented revokes from going through to Databricks if
- an automatic subscription policy was staged or deleted and
- there was a casing mismatch between the principal user from Databricks and the external username mapped to Immuta.
Immuta v2024.1.1
Immuta v2024.1.1 was released February 2, 2024.
Bug fixes
- Fix to address issues with performance of background jobs.
- Any attempt to stage or remove automatic subscription policies resulted in revokes not going through to Databricks if there was a casing mismatch between the principal user from Databricks and the external username mapped to Immuta.
Immuta v2024.1.0
Immuta v2024.1.0 was released January 25, 2024.
New features
-
Amazon S3 integration: Immuta’s Amazon S3 integration enhances the management of permissions in complex data lakes on object storage. Eliminate scalability concerns as you enforce S3 access effortlessly. You can grant users time-bound access to files and folders, creating a security posture with zero-standing permissions, a gold-standard for compliance.
Additionally, you can grant access to human identities seamlessly through Identity Providers (IdPs) like Okta, Microsoft Entra ID, and more, thanks to integration with AWS IAM Identity Center. With the implementation of attribute-based access controls (ABAC) for S3, Immuta provides a simplified and efficient approach to managing data lake permissions. The privileges you set using the Amazon S3 integration can apply anywhere, from the CLI, to your applications using AWS SDKs, and on Amazon EMR Spark and Amazon SageMaker. Elevate your data governance with these advanced capabilities and experience a seamless and secure data access environment. Contact your customer success manager for more details.
-
Integrations API: The integrations API allows you to integrate your remote data platform with Immuta so that Immuta can manage and enforce access controls on your data.
-
Write policies: Write policies is a new capability to manage user write access authorizations via policy (enabling users to modify data in data source objects). This release supports the new functionality for Snowflake and Databricks Unity catalog integrations. Contact your customer success manager for more details.
Deprecations and breaking changes
Deprecated items remain in the product with minimal support until their end of life date.
Feature | Deprecation notice | End of life (EOL) |
---|---|---|
Databricks Spark with Unity Catalog support integration | 2024.1 | 2024.2 LTS |
dbt integration | 2024.1 | 2024.2 LTS |
MySQL | 2024.1 | 2024.2 LTS |
Audit output to container log | 2024.1 | 2024.4 |
Legacy sensitive data discovery (SDD) | 2023.3 | 2024.4 |
v2024.1 migration note
All users must be on Immuta version 2022.5 or newer to migrate directly to 2024.1.