Skip to content

Release 9.0.13.1

This is the Rolling Release Notes for the Release 9.0.13.1. This release notes are applicable only to Privacera's Self Managed version.

Information

This release is exclusively for deployments on the AWS Cloud.

Privacera Portal

Improved UI for Resource Display in On-Demand Policy Sync

Improved UI For Resource Display in On-Demand Policy Sync

  • Enhanced the UI to resolve inconsistencies when displaying a large number of resources in the On-Demand Policy Sync page (Access Management → View Policy Sync Status → On-Demand Policy Sync).
  • When more than two resources are present, a resource details popup with a search option is now available for better visibility.
  • If resource data is in an unstructured format, it will be displayed as raw JSON within the popup.
Enhanced Ops-Server Error Notifications

Enhanced Ops-Server Error Notifications

A snackbar notification now appears whenever the connection between the Portal and the Ops server fails, ensuring better visibility of connection issues.

Diagnostic Test Cases for SSL Properties

Diagnostic Test Cases for SSL Properties

Introduced diagnostic test cases to verify that server SSL properties and Keystore alias details are correctly set in the configuration.

Privacera Monitoring

Observability Stack Upgrade

Observability Stack Upgrade

Privacera has upgraded its observability stack to improve monitoring, alerting, and performance insights. The updated stack now includes Grafana, Prometheus, and OpenTelemetry, offering comprehensive visibility into system health and performance.

The above services are enabled by default when Privacera is installed in an AWS environment. If you are upgrading from a lower version, re-run the command ./pm_with_helm.sh install-monitoring to access all the latest features. In addition to the above services, we also provide the option to enable Loki, Pyroscope, and Tempo in the stack. These are disabled by default. For more details, check the Privacera Monitoring section.

Spark Plugin

Support for read-metadata permissions on Databases, Tables, and Columns in Databricks Notebooks

The FGAC plugin now supports the creation of privacera_hive policies with READ permissions on databases, tables, and columns, aligning its behavior with the Databricks SQL connector. Backward compatibility for read-metadata with SELECT permissions is still supported. To ensure audits reflect the read-metadata permission in the Audits UI, the following property needs to be added to the Databricks clusters' Spark configuration.

Bash
spark.hadoop.privacera.fgac.sql.metadata.read.denied.audit.enabled true

Support Added For Open Source Spark(OSS) 3.5.4

Support for Open Source Spark (OSS) 3.5.4 has been added.

Support aws-sdk-v2 signing For Kubernetes Spark With Privacera Spark Plugin

Support has been added for Kubernetes Spark (k8s_spark) in the AWS SDK v2 implementation, ensuring successful Spark job execution with the Privacera Spark Plugin. This enhancement addresses previous failures caused by the lack of support.

Improved Spark Plugin Debug Ability In Error Messages

The Spark plugin has been enhanced to provide more detailed and informative error messages, improving the debugging and issue resolution process. The updated error messages now include additional context to help identify the root cause more effectively.

Fixed REDACT Masking For DBR 12.2 LTS And Above

A fix has been implemented to address the issue of REDACT masking failure with the Date datatype in DBR 12.2 LTS and higher versions.

Fixed CTAS Query Issue With Specific RLF Policy Condition On DBR 14.3 LTS, EMR and Open Source Spark(OSS)

An issue has been fixed that caused CTAS query failures when applying a specific Row Level Filtering (RLF)policy condition with an expression involving a SELECT query on a table. This issue unexpectedly required access to the underlying table on DBR 14.3 LTS, EMR, and OSS.

Fixed EMR serverless Issue - Externalized Properties Not Working For Spark-sql Job

In EMR Serverless, if a spark-sql job is submitted to perform create-database or create-table use cases, job is failing when the EMR Serverless image is built with externalization of file privacera_spark.properties enabled. This fix ensures that the properties are correctly externalized and the job executes successfully.

Fixed EMR Serverless Issue - Alter Rename CTAS Table Fails With An Exception

In EMR Serverless, attempting to rename a CTAS table would result in a failure with an exception. This fix ensures the operation executes successfully without any exceptions.

Comments