Release 9.2.2.1¶
These are the Rolling Release Notes for Release 9.2.2.1. These release notes are applicable to both Privacera's Self-Managed version and PrivaceraCloud.
Privacera Manager¶
Enhanced Kubernetes Security and Deployment Practices
Enhanced Kubernetes Security and Deployment Practices¶
Implemented Kubernetes best practices across all Privacera Manager–managed components to improve reliability, scalability, and security. Updates include rolling update strategies with configurable topology spread constraints, dynamic Pod Disruption Budgets, and standardized resource configurations to ensure consistent performance. Additionally, unnecessary RoleBindings and ClusterRoleBindings were reviewed and removed to align with the principle of least privilege, thereby strengthening overall cluster security.
These features are disabled by default to ensure backward compatibility and can be enabled through configuration variables. Refer to the Advanced Configuration Documentation for details.
CVE Fixes in Privacera Manager Image
CVE Fixes in Privacera Manager Image¶
Upgraded system binaries to address known security vulnerabilities identified in the CVE (Common Vulnerabilities and Exposures) report.
Apache Ranger¶
Updated Application Dependencies
Updated Application Dependencies¶
Upgraded application dependencies to address known security vulnerabilities identified in the CVE (Common Vulnerabilities and Exposures) report.
Fixed Duplicate Access Type Definitions
Fixed Duplicate Access Type Definitions¶
Removed a duplicate access type in the TAG service definition.
Added a unique constraint to ensure each access type is unique within the same service definition.
Fixed Ranger-Admin GDS Policy Download Issue
Fixed Ranger-Admin GDS Policy Download Issue¶
Resolved an issue where Ranger-Admin failed to download GDS policies. Due to this failure, GDS policies were not getting updated, resulting in GDS policy enforcement not working. The issue has now been fixed, and GDS policies are correctly downloaded and enforced.
Solr¶
Updated Application Dependencies
Updated Application Dependencies¶
Updated Application Dependencies to address known security vulnerabilities identified in the CVE (Common Vulnerabilities and Exposures) report.
ZooKeeper¶
Updated Application Dependencies
Updated Application Dependencies¶
Updated Application Dependencies to address known security vulnerabilities identified in the CVE (Common Vulnerabilities and Exposures) report.
Privacera Portal¶
[Self-Managed only] Custom Ordering for "Must Have" Keys in Unstructured Discovery Rules
[Self-Managed only] Custom Ordering for "Must Have" Keys in Unstructured Discovery Rules¶
We have improved the Discovery Portal UI for unstructured discovery rules, giving you more control over rule evaluation. Previously, "Must Have" feature keys were always sorted alphabetically, even when strict key order was required. Now:
- You can manually reorder the selected feature keys in the "Must Have" section.
- This custom order is honored during rule evaluation when the "Key Order Strict" option is selected.
This change provides greater flexibility and accuracy when defining the required feature order for unstructured rule-based data discovery.
[PrivaceraCloud only] Enhanced Session Sync Across Browser Tabs
[PrivaceraCloud only] Enhanced Session Sync Across Browser Tabs¶
Your login sessions now stay synchronized across multiple browser tabs. When you log in, log out, or switch accounts in one tab, all other tabs automatically update to match—ensuring a seamless, consistent experience throughout your session.
[PrivaceraCloud only] Resolved Email Job Failure Due to Missing Account ID for Enrolled Domains
[PrivaceraCloud only] Resolved Email Job Failure Due to Missing Account ID for Enrolled Domains¶
Resolved an issue where the email job failed when a user's domain was not enrolled and the account ID was missing. Added proper account ID assignment for enrollment emails and improved error handling in the metric service to prevent similar failures.
Trino Plugin¶
Support to Configure Custom Cluster Name for Trino
Support to Configure Custom Cluster Name for Trino¶
Added support for configuring custom cluster names in Trino deployments to enable better identification in audits.
Support for Open Source Trino (OST) Version 472 in PCloud
Support for Open Source Trino (OST) Version 472 in PCloud¶
This release adds support for Open Source Trino (OST) runtime version 472.
Spark Plugin¶
Handled NullPointerException in Non-Databricks Spark Environments
Handled NullPointerException in Non-Databricks Spark Environments¶
Fixed a NullPointerException that caused Spark job failures in non-Databricks environments such as EMR and OSS Spark. The plugin now properly validates the environment before accessing Databricks-specific runtime information.
Enhanced Configuration File Validation
Enhanced Configuration File Validation¶
Improved input validation for resource type plugin configuration loading. The plugin now gracefully handles missing or inaccessible configuration files on worker nodes, preventing job failures and logging appropriate warnings instead.
DataServer¶
STS Token Processing Fix and S3 Bucket Encryption Configuration
STS Token Processing Fix and S3 Bucket Encryption Configuration¶
- Resolved a
ConcurrentModificationExceptionthat occurred during STS token response processing. - Added configuration flag
dataserver.aws.s3.bucket.encryption.check.enableto control automatic fetching of bucket encryption settings from AWS S3 for generating STS policies with proper KMS permissions.
Dashboard Enhancements: DataServer
Dashboard Enhancements: DataServer¶
Added a new DataServer Dashboard with metric panels and an alert to improve visibility into DataServer requests and error detection.
PolicySync Connector¶
Added Support for Service Credential Resource in Unity Catalog Connector
Added Support for Service Credential Resource in Unity Catalog Connector¶
Added support for the Service Credential resource in the Unity Catalog Connector.
Enhanced Row-Level Filter Policy Duplicate Permission Elimination [OMNI]
Enhanced Row-Level Filter Policy Duplicate Permission Elimination [OMNI]¶
Enhanced the connector to eliminate duplicate permission entries generated for row-level filter policies with identical permissions and principals before sending to the metadata service.
Updated Connectors:
- Snowflake
- Databricks Unity Catalog
Ranger Changelog Processing Optimization
Ranger Changelog Processing Optimization¶
Optimized changelog handling to prevent duplicate entries during frequent updates. This reduces queue buildup, lowers system load, and improves overall synchronization speed. To know more, see Skip Duplicate Ranger Changelogs.
Ranger Roles and UserStore Handling Improvement
Ranger Roles and UserStore Handling Improvement¶
Fixed redundant changelog creation for Ranger Roles and UserStore in API mode. Now, data updates are processed only once through the principal changelog, improving performance and consistency.
Resolved User Deletion and User Membership Removal Issue on User Email Case Updated in Unity Catalog Connector
Resolved User Deletion and User Membership Removal Issue on User Email Case Updated in Unity Catalog Connector¶
Fixed an issue causing user deletion and users getting removed from groups in UC when user email case is updated on the portal.
Resolved Fix with Case Sensitive User and Group Emails for Repeated Grants in Google BigQuery
Resolved Fix with Case Sensitive User and Group Emails for Repeated Grants in Google BigQuery¶
Fixed an issue causing repeated grants due to case-sensitive user and group email handling in BigQuery. Refer to Principal Name Case Sensitivity for more details.
Dashboard Enhancements: Connector
Dashboard Enhancements: Connector¶
- Added a new
JDBC Connections Statsrow with metric panels in theConnector JDBC Metricsdashboard. - Fixed variable issues in the
Outgoing HTTP Requestspanels in theConnector-Commondashboard.
- Prev topic: Releases