Immuta v2023.2 Release Notes
Immuta v2023.2.5 was released October 12, 2023.
Users encountered this error when disabling Snowflake table grants:
Error: Query timed out. The connection information may be incorrect. Please double check and try again.
GRANT SELECT on a shared view in Snowflake fails with the following error:
UDF IMMUTA_PROD.IMMUTA_SYSTEM.GET_ALLOW_LIST is not secure. This issue will be addressed in Immuta v2023.3.1.
Immuta v2023.2.4 was released September 26, 2023.
Users could not query Starburst (Trino) data sources registered using OAuth authentication and got the following 400
This data source was created using anonymous authentication. Users can now set an
admin username globally on the Immuta app settings page
when using OAuth or asynchronous authentication to create Starburst (Trino) data sources.
Immuta v2023.2.3 was released September 22, 2023.
- Global subscription policies that used the
@hasTagAsAttributevariable were not granting and revoking users' access to tables properly.
- Users could not create Azure Synapse Analytics data sources.
- Fixes to address issues that caused Snowflake table grants configuration to fail.
Immuta v2023.2.2 was released August 16, 2023.
Redshift validation tests required
CREATE ON PUBLIC for the Immuta system account, and it should not have been a
Immuta v2023.2.1 was released August 10, 2023.
- Native Snowflake policies and grants were not properly synced when users performed
CREATE OR REPLACEon a table.
- If OAuth was used as the authentication method, users encountered an error when creating a data source with schema monitoring enabled or enabling schema monitoring for an existing data source.
- Fix to address the impact of a recent Databricks change that caused a
NoSuchFieldExceptionerror when querying data on Databricks clusters with Unity Catalog enabled.
- If whitespaces trailed or prefixed a project name when creating a Google BigQuery data source, the view was not created in Google BigQuery.
- Vulnerabilities addressed:
CVE-2021-46708: Immuta no longer publishes the Swagger API, which removes the ability to exploit this vulnerability. Although the affected library is a downstream dependency of a package Immuta uses, the library that contains the vulnerability is not used by Immuta.
Unity Catalog native query audit requires the public preview version of system tables in Unity Catalog to be enabled. Follow the Databricks documentation to enable system tables.
Immuta v2023.2.0 was released July 14, 2023.
- Databricks metastore magic: Migrate your data from the Databricks legacy Hive metastore to the Unity Catalog metastore while protecting data and maintaining your current processes in a single Immuta instance.
- SAML single log out: Minimize security risks by enabling SAML single log out, which terminates abandoned sessions after a timeout event occurs or after a user logs out of Immuta, their identity provider, or another application.
- Native schema monitoring for Snowflake:
Monitor data in your Snowflake environment. This feature detects when new tables or columns are created or deleted
and automatically registers (or disables) those tables in Immuta for you. Native schema monitoring for Snowflake also
improves performance of legacy schema monitoring and enhances it by detecting destructively recreated tables
CREATE OR REPLACEstatements), even if the table schema wasn’t changed.
- Sensitive data discovery customization is now GA: Sensitive data discovery (SDD) is an Immuta feature that uses sensitive data patterns to determine what type of data your column represents. SDD customization allows for organizations to create and insert their own patterns into SDD which will be recognized and then tagged when found.
- Native query audit is now available for the Databricks Unity Catalog integration: Data access activity from Unity Catalog is audited and can be viewed as Immuta audit logs in the UI or exported.
- Tag side sheet: Tag experience has been improved with the addition of tag side sheets, which provide contextual information about tags and can be accessed wherever tags are applied.
- Tags details page: Tags now have a details page that provides valuable information about the tag itself and where it is applied within your data environment.
Deprecated items remain in the product with minimal support until their end of life date.
|Feature||Deprecation notice||End of life (EOL)|
|Amazon EMR Spark and Hive||2023.2||2023.4 LTS|
|Configuring data source expiration||2023.2||2023.4|
|Interpolated comparison WHERE clause function||2023.2||2023.4 LTS|
|Snowflake integration without Snowflake governance features||2023.2||2023.4 LTS|
|Legacy Starburst (Trino) integration (Use the Starburst (Trino) v2.0 integration instead.)||2023.2||2023.4|
- The metrics tab and query tab have been removed from the data source view page.
- The data source health check button has been removed from the data source health menu. Use these health checks instead.
- Single Node Docker installations are no longer supported. Use Kubernetes to install Immuta.
- Fix to address an issue that prevented Snowflake data sources from being created when table names contained a single quote.
- Bulk adding Redshift data sources and then updating policies applied to those data sources sometimes did not update the views to reflect the policy changes in Redshift.
- Removing users from a group in Okta did not remove them from that group in Immuta.
- If a Snowflake integration was configured with a Snowflake catalog, users could not configure another external catalog because the test connection button remained disabled.* Fix to address the configuration of Snowflake keyPair with Snowflake integrations.
- Enhanced policy variables in subscription policies did not work with Snowflake table grants enabled.
- Fix to address re-enabling disabled integrations.
- Data sources created through the Immuta V2 API could not be deleted through the UI.
- The Redshift integration did not properly create views for tables that included column names with special characters.
When users queried those views, they received
column doesn't existerrors.
- Members with timed access to a data source in Immuta could still query data in Snowflake after their access had been revoked in Immuta.
v2023.2 migration note
All users must be on Immuta version 2020.2 or greater to migrate directly to 2023.2.