Skip to main content

Privacera Documentation

PrivaceraCloud Release Notes

This is information about the new features and enhancements in Privacera products and services, updates to supported third-party systems, and important announcements for each release. Release notes are available with every new version of the Privacera software package. 

Each release comes with product documentation that explains any new features or enhancements.

For more information about feature availability, see Privacera's Product Support Policy

Updates in PrivaceraCloud Release 8.0

Access Management updates

The cache management in Privacera Usersync for removing the missing users/group from cache is improved.

Databricks Unity Catalog connector is now generally available with PrivaceraCloud.

Governed Data Stewardship (GDS) is now generally available with PrivaceraCloud.

PrivaceraCloud now support access control in Azure SQL Managed Instance for the following policies:

  • FGAC

  • Row filtering

  • Column masking

  • Tag based access control.

The access control support is provided for the Microsoft AZURE SQL Data Warehouse (AZURE Synapse Analytics).

Databrick Unity Catalog connector will support Conditional Masking feature.

Snowflake supports masking the date datatype (MASK_DATE_SHOW_YEAR) while creating or updating the policy. This allows users to mask the date type column and to replace day and month with a fixed value without changing the year value. For example, if the column has 15/05/2001, the masked value should be 01/01/2001.

PrivaceraCloud now supports for External Account in the AWS Lake Formation connector for both Pull mode and Push mode.

PrivaceraCloud supports access control in the Dremio connector for the followings:

  • Select and Alter privileges for Datasets.

  • Sources and Spaces.

AWS Redshift: Privacera supports revoking of existing permissions from the managed resource after the Redshift connector is installed.

Column-level access control messages from Redshift on AWS

AWS Redshift has released an update that affects the error messages from Redshift for column-level access control. Before the Redshift change, for a user defined in a column-level access control policy with SELECT and DataAdmin permission but no access to all the table columns, SELECT * FROM TABLE returned the error message "Access Denied".

After the Redshift change, SELECT * FROM TABLE query results show only those columns the user has permission to access, with no “Access Denied” error message.

This behavior change applies only to tables, not views. For example, SELECT * FROM TABLE_secure (the secure view created by Privacera access control policy) still returns "Access Denied".

Discovery updates

The Vertica connector is now generally available for configuration with PrivaceraCloud. It supports Privacera Discovery.

UI updates

Under Access Management > Audits, added columns for Workspace ID and Workspace Name.

Job details for the ongoing job will be displayed in the UI for GDS.

Supported versions of third-party systems in PrivaceraCloud

The versions of third-party systems that PrivaceraCloud supports are listed in the following table:

Table 70. Third-party systems and the supported versions of each

Third-Party System

Supported Versions

Databricks Runtime Version

7.3 LTS, 9.1 LTS , 10.4 LTS, 11.3 LTS, 12.2 LTS, 13.0 (Preview)

Databricks Spark Version

3.0.1, 3.1.2, 3.2.1, 3.3.0, 3.3.2, 3.4.0

Open Source Spark Plug-In

3.3.2, 3.4.0 (Preview)

EMR (Privacera Plug-Ins)

6.5.0, 6.10.0

EMR (Native Ranger Plug-In)

6.3.1

Open Source Trino

407, 413

Dremio Software (with PolicySync connector)

22.0, 23.0

Dremio Software (with Ranger Plug-In)

20.0, 21.7

Starburst Enterprise

407 LTS, 413 LTS



Access Management updates

Audit data retention: For best performance in viewing audit data, the short term storage of audit data has been modified to 5 days.

All of the audit data is available for you via long term storage. The archived audit logs from PrivaceraCloud are stored in Azure ADLS storage and AWS S3 buckets. If you have any questions, contact Privacera Support.

Preview Databricks Unity Catalog: The Unity Catalog connector is now certified in the Azure Databricks environment.

 

Unity Catalog Connector's native implementation supports Masking, Row-Level Filtering, and Column-Level access control.

The AWS Lake Formation connector is now generally available for configuration with Privacera. It can be configured in either pull or push mode.

Attribute-based Access Control (ABAC) now supports nested Role-Level Filter policies.

When you delete a service from the Resource Policies page, a warning message appears if Governed Data Stewardship (GDS) is enabled for that service.

Access Management updates

Support for filtering databases and tables in the EMR Hive Glue metastore

EMR Hive Glue metastore now supports filtering databases and tables based on access policy.

Creating select access policy for AWS Lake Formation in Apache Ranger for pull mode

The row-level filter policy in Lake Formation with all columns creates an access policy in Apache Ranger for * columns in pull mode.

Support access control on functions in PostgreSQL

PrivaceraCloud now supports access control policies on PostgreSQL functions.

UserSync updates

Support of service principal in Databricks for Privacera UserSync

Databricks Privacera UserSync now supports specifying a service principal.

UI updates

Improved policy creation page

Improved policy creation page with intuitive information to create policies.

Improved Account Settings screen

The account admin can now edit the personal information on Account Settings screen.

REST API changes

Formerly, for an unauthorized user call, the REST API for Access Manager and Ranger returned the HTTP response code 401-Unauthorized. Instead, the REST API now returns response code 403-Forbidden (unauthorized).

The REST API response body now does not return attributes or fields that have no values. This has improved the response time for many calls.

Access Management updates

Support of DROP permission for AWS Redshift tables

The Privacera PolicySync connector now supports DROP permission for AWS Redshift tables.

Improved dataset and resource listing page in Governed Data Stewardship

The dataset and resource listing pages display a configurable number of rows per page.

Support of access management for EMR's Multiple master node configuration

EMR clusters with multiple master nodes can be configured for access management.

UI updates

Introducing restart functionality in PrivaceraCloud Portal

When any configuration outside of the application configuration is changed, you need to restart your application, encryption, or UserSync. This is to ensure that the updated configuration functions properly. This functionality is added for Applications, Encryption, and UserSync services.

PrivaceraCloud is now in the Whitelisted IP addresses list

PrivaceraCloud has been added to the list of Whitelisted IP Addresses.

Special characters are not allowed in PrivaceraCloud

Special characters such as <, >, &, and " are not allowed when configuring things in PrivaceraCloud.

PrivaceraCloud browser compatibility

Table 71. Browser compatibility matrix for PrivaceraCoud portal

Supported Browser

Minimum Version

Google Chrome

47

Safari

9

Firefox

45

Opera

36

Microsoft Edge

12



Documentation changelog

For documentation updates in this release, see Privacera documentation changelog.