Skip to content

Release 9.0.32.1

This is the Rolling Release Notes for the Release 9.0.32.1. These release notes are applicable only to Privacera's Self Managed version.

Databricks Unity Catalog

Known Issue: Extra Apply Command During Permission Reconciliation

In this release, an additional apply command is triggered during permission reconciliation only when masking and row-level filtering (RLF) are present in Privacera policies. This may cause minor, temporary performance slowdowns during reconciliation, but does not affect overall functionality.

Spark Plugin

Upgraded Ranger Plugin Version

Upgraded Ranger Plugin Version

Upgraded the Ranger plugin version in the Spark Plugin and EMR to improve performance and reduce memory utilization.

Trino Plugin

Upgraded Ranger Plugin Version

Upgraded Ranger Plugin Version

Upgraded the Ranger plugin version in the Trino Plugin to improve performance and reduce memory utilization.

PolicySync Connector

Set JDBC as Default Connection for Databricks Unity Catalog Connector

Set JDBC as Default Connection for Databricks Unity Catalog Connector

  • The Unity Catalog connector now uses JDBC as the default method for database connections, replacing the earlier API-based approach. This change improves performance and overall efficiency.
  • The JDBC URL must be specified for Databricks, as it is required to support Unity Catalog features such as native masking, row filtering, and access auditing. For more information, refer to the Connection Details section.
Performance Optimization for Changelog Loading During Initial Sync in RocksDB

Performance Optimization for Changelog Loading During Initial Sync in RocksDB

Improved the efficiency of loading the pending changeLogs during initial sync to significantly reduce processing time in large environments.

Better Traceability with Changelog ID and Type in Logs in PS Core

Better Traceability with Changelog ID and Type in Logs in PS Core

  • Changelog Queue + START: Introduced audit and activity logging for better visibility of changelog events.
  • Apply Logs: Now enriched with changelogId and changelogType fields to support end-to-end traceability.
  • Log Messages: All relevant logs now include changelogId and changelogType, enabling easier debugging and correlation of actions across the system.
Automated Tag Reconciliation in BigQuery Connector

Automated Tag Reconciliation in BigQuery Connector

  • Introduced a reconciliation feature in the BigQuery connector that automatically detects and resolves missing or extra tags in Ranger.
  • This process runs at configurable intervals to ensure tag consistency between BigQuery and Ranger.
Support for Roles in BigQuery Connector

Support for Roles in BigQuery Connector

  • Added Support For Roles in GBQ Connector that will act as a domain principal.
  • This format is supported for roles domain:<domain_name>.
Ported Hotfix Changes for Databricks Unity Catalog and Databricks SQL Connector

Ported Hotfix Changes for Databricks Unity Catalog and Databricks SQL Connector

  • Added optimization to skip unnecessary group membership updates in Databricks.
  • Introduced caching to improve performance during bulk operations.
  • Enhanced API throttling handling for more efficient and reliable sync.
Databricks Unity Catalog Connector - JDBC Timeout Configuration

Databricks Unity Catalog Connector - JDBC Timeout Configuration

  • Added configurable JDBC timeout settings to improve connection stability and performance.
  • Users can now configure socket timeout (default: 18000 seconds) and connection timeout (default: 30000 milliseconds) for better handling of network latency scenarios.
  • Configuration is available through YAML, the Self-Managed Portal, and the PrivaceraCloud Portal. For more details refer - Fine Tuning JDBC Connection for Databricks SQL
Support for Batch Processing of On-Demand Sync Event in Lakeformation

Support for Batch Processing of On-Demand Sync Event in Lakeformation

  • Support batch processing of on-demand sync events
  • Previously, the connector processed on-demand sync events individually.
  • It now supports batch consumption and processing of events, improving performance and scalability.
Backpressure Support for On-Demand Task Sync

Backpressure Support for On-Demand Task Sync

  • Introduced threshold-based control on the changelog queue to limit task fetching from the ops-server.
  • This prevents connector overload during on-demand task synchronization.
  • For more information, refer to On-Demand Sync Backpressure Control.
Updated Application Dependencies

Updated Application Dependencies

Upgraded application dependencies to address known security vulnerabilities identified in CVE (Common Vulnerabilities and Exposures) report for following connectors:

  • Databricks Unity Catalog
  • Lakeformation
  • Postgres
  • Redshift
Base Image Upgraded

Base Image Upgraded

Updated the base image to a newer Debian version to address known security vulnerabilities identified in CVE (Common Vulnerabilities and Exposures) report for following connectors:

  • Databricks Unity Catalog
  • Lakeformation
  • Postgres
  • Redshift

Privacera Monitoring

Support for Multiple Grafana Destinations

Support for Multiple Grafana Destinations

Privacera now supports configuring additional Grafana destinations for uploading Privacera monitoring dashboards and alerts.
This enhancement enables customers to push monitoring dashboards and alert configurations to multiple Grafana instances.
Follow Link for setup

Privacera Kafka

Updated Application Dependencies

Updated Application Dependencies

Upgraded application dependencies to address known security vulnerabilities identified in CVE (Common Vulnerabilities and Exposures) report.

As part of this upgrade, Kafka version has been updated from 3.7.0 to 3.9.0. Kraft Mode support is now available with this version.

For upgrades, the default mode remains ZK mode. To switch to Kraft mode, follow the migration steps documented in the discovery advance configuration section. See here.

For fresh installations, Kraft mode can be enabled by setting the appropriate property. See here.

Comments