Release 9.0.19.1¶

Support for EMR & EMR-SERVERLESS Versions 7.8.0¶

This release introduces support for EMR and EMR-Serverless with versions 7.8.0.

Resolved Databricks FGAC Unexpected Access Invocation During saveAsTable Operations¶

Resolved an issue in Databricks FGAC where saveAsTable() operations using Append and Overwrite modes triggered unexpected access checks on resources. This fix ensures that permission checks are performed as expected.

Resolved Databricks FGAC Issue for IgnorePath property not working for write operation¶

Resolved an issue in Databricks FGAC where df.write() operations were incorrectly triggering access permission checks, even when ignorePath was properly configured in the Databricks cluster. With this fix, such operations now work as expected without triggering access checks for paths listed in the ignorePath configuration.

Resolved Issue for Excessive Log Warnings for Ignored Paths¶

Implemented a fix to eliminate redundant warning logs generated for paths listed in the ignorePath configuration.

API Error Retry Handling, API Batch Size Configuration and Batch Permissions Grant/Revoke¶

The Lake Formation connector uses Glue, Lake Formation, and Identity Management APIs to perform various actions. These APIs have rate limits, which can throttle the connector if exceeded, and may return a ConcurrentModificationException when attempting to update resource permissions in parallel. To prevent throttling and concurrent modification errors, the connector now handles ThrottlingException and ConcurrentModificationException responses by pausing the execution thread for a predefined interval before retrying the request.

The batch size for Lake Formation, Glue, and IAM API calls, previously fixed at 100, is now configurable through properties. This allows users to optimize api performance based on their specific workload requirements.

This release introduces batch APIs (batchGrantPermissions and batchRevokePermissions) for granting and revoking permissions in bulk, improving efficiency and reducing the number of API calls. It also includes enhanced error handling that logs specific failures, ensuring better visibility and simplifying troubleshooting.

Applied a fix for Nginx reload after receiving every heartbeat from a client.¶

• Instead of reloading Nginx every 20-30 seconds, it now reloads only when a new service pod is registered.

Applied a fix for the issue related to pod explorer full screen mode¶

• We are now able to open a full screen mode of a pod explorer without any flickering of screen.

Applied Fix on Error Log Filter¶

• Enhancements to the diagnostic error log filtering include streamlined input handling, support for multiple timestamps, and a consolidated filter workflow—significantly improving usability and efficiency.

Improved Solr tests and added CPU Utilisation Tests in Diagnostics Tool¶

• Implemented a fix to ensure Solr is included and returns expected results based on configuration. Enhanced diagnostics by adding CPU utilization checks.

Configure Additional Destinations for Telemetry data¶

Privacera now supports exporting telemetry data — including metrics, logs, and traces — to custom destinations. This enhancement allows customers to forward Privacera’s telemetry data to their existing monitoring tools, such as Prometheus, Loki, and Tempo.

Post Install Job for Grafana Dashboard and Alerts¶

A new job named post-install-job has been introduced in Privacera Manager to automatically upload Grafana dashboards and alerts.

• This job runs automatically during every upgrade.
• It also executes at a configured scheduled interval.

For more details, refer to the Post-Install Job section in Advanced Configuration.

Improved UI Support for Databricks Unity Catalog Naming Convention¶

Enhanced the user interface to accurately reflect the Databricks Unity Catalog’s standard hierarchy: Catalog > Schema > Table. This update ensures consistent representation during Data Source Configuration and Policy Creation within the Discovery module, improving usability and aligning with expected data governance structures.

Removal of 'Autorun' Option from Datazone Policy Configuration UI¶

The 'Autorun' option has been deprecated and removed from the Datazone Policy Configuration UI. The portal will no longer auto-trigger scans based on this option. ✅ No action is required from users, as the option is no longer available in the UI.

Kafka Connection Stability Enhancement on Portal Startup¶

Added a retry mechanism for establishing Kafka connection during portal startup. Enhanced error handling and reporting for better visibility and troubleshooting.

SCIM / SCIM-Server changed to assume user object active flag is true if attribute not present.¶

If user object does not contain active flag attribute in request/response, the active status of the user is set to true.

Ensure values in cache support UTF-8 character-set.¶

All values written and read from UserSync cache are correctly encoded/decoded with UTF-8 character-set.

Entra ID improved performance of deleted group search.¶

When deleted object search is enabled and deleted group search is performed, do not perform group member search as membership list is not required.