Skip to content

Immuta v2020.3.0 Release Notes

Immuta v2020.3.0

Immuta version 2020.3.0 was released November 9, 2020.

v2020.3.0 New Features

Major Features

  • Auto-subscribe and auto-unsubscribe: Users can be automatically subscribed to (or removed from) data sources based on whether they meet the conditions set in an entitlement-based Subscription Policy.

  • Purpose Approvals: When a project owner adds a purpose to a project, the purpose will be staged until a user with the PROJECT_MANAGEMENT or GOVERNANCE permission approves the purpose.

  • IAM improvements:

    • Implemented a SCIM API (which supports OpenID and SAML) to allow external identity providers to create user accounts in Immuta. The API adheres to the SCIM 2.0 API schema.
    • Application Admins can migrate users from an existing IAM to a new one.
    • User Admins can see groups and attributes for users in external IAMs (read-only).
    • Removed the restriction in policies that forced users to specify an IAM when selecting a user entitlement. Consequently, if identical groups or attributes exist in two IAMs (i.e., Immuta IAM and LDAP), the policy will apply to both sets of users.

Beta Features

  • Native Presto and Starburst: Policies can now be enabled natively in Presto without requiring queries to pass through the Immuta proxy.

  • k-anonymization improvements: Users can mask any numeric date or time column using k-anonymization.

Minor Features

  • Derived Data Sources are tagged using Sensitive Data Discovery, but Global Policies are not applied as a result of those tags.

  • Multiple S3/ADLS roots are allowed for project workspaces.

  • Database migration connections now use Unix sockets instead of using the loopback interface.

v2020.3.0 Known Bugs

See Immuta v2020.3.0 Errata.

v2020.3.0 Migration Notes

  • To be more consistent with native enforcement points, we removed support for joins on masked columns of types regex, null, and constant in the context of projects in the Immuta Query Engine (PostgreSQL connection).

  • We no longer support S3 representations of queryable data sources.

  • IAMs are no longer used in policies. If the same groups or attributes exist in more than one IAM, policies will no longer differentiate between the IAMs when determining access.

Immuta v2020.3 Patch Releases

See the following pages for details about each release: