Release 9.2.8.1¶

Enhanced Policy Download API with Metadata Support¶

The policy download API now includes metadata attributes in the response, providing additional context and information about policies.

Removed Unsupported Masking Types from BigQuery Service¶

Removed unsupported masking types from the BigQuery service definition to ensure only valid masking types are available for masking policy configuration.

Federated Catalog Support in the Lake Formation Connector¶

Added support for federated catalogs in the Lake Formation connector, enabling centralized management and synchronization of federated catalog resources and permissions.

Taxonomy ID Update Support in the GBQ Connector¶

Added support for updating Taxonomy IDs in the GBQ connector after tag-to-resource mapping.

Resolved Issue of Loading Functions from Unmanaged Schemas in Databricks Unity Catalog Connector¶

Resolved an issue where functions from unmanaged schemas were being loaded in Databricks Unity Catalog Connector. The connector now strictly loads functions only from managed schemas.

Fixed Issue Retrieving SQL Action Names for On-Demand Table Events in the Databricks SQL Analytics Connector¶

Resolved an issue where the SQL action name was not correctly retrieved for the table resource when on-demand events were triggered in the Databricks SQL Analytics Connector.

Databricks Unity Catalog Access Audit Workspace ID Column Fix¶

Fixed an issue where audit loading failed due to an incorrect workspace ID column name, ensuring audits load correctly when workspace filtering is enabled.

PolicySync Recovery Mode Audit Logging¶

Added audit logging for recovery mode events in PolicySync, enabling real-time monitoring, easier troubleshooting, and historical tracking through the Portal UI.

Grafana Panels for Changelog Task Queue Backlog¶

Added Grafana panels to the Connector-Common dashboard that break down the Changelog Task Queue backlog by changelog type, providing better visibility into which changelog types are contributing to processing delays.

Grafana Panel for Tag Reconciliation Flow¶

Added Grafana panel to the Connector-Common dashboard to visualize and monitor the tag reconciliation flow introduced in PS Core for the connector.

Alerts for Throttling and Concurrent Modification Exceptions¶

Added alerts for throttling and concurrent modification exceptions to monitor API rate limiting and concurrent access issues in connectors.

Alert Configuration for the Overall Error Request Rate Panel in the Ranger Plugin Common Dashboard¶

Added alert configuration for the Overall Error Request Rate panel in the Ranger Plugin Common Dashboard, improving monitoring and error detection.

Diagnostics Server Enhancements¶

• Updated Docker file to address known security issues identified in CVE (Common Vulnerabilities and Exposures) report.
• Enabled configuration of Privacera Diagnostics Server through Privacera Manager for easier and centralized setup.
• We’ve consolidated the FIPS and non-FIPS setup into one base Dockerfile that server Dockerfiles inherit from, helping reduce build time.
• Integration of Unit tests of Diagnostics Server with build pipeline.

Diagnostics Client Enhancements¶

• Updated the Dockerfile to address known security issues identified in CVE (Common Vulnerabilities and Exposures) reports.
• Enabled configuration of the Privacera Diagnostics Client through Privacera Manager for easier, centralized setup.
• Consolidated FIPS and non-FIPS setups into a single base Dockerfile inherited by client Dockerfiles, reducing build time.

Security Vulnerability Fixes¶

Addressed known security vulnerabilities (CVEs) by updating affected dependencies in the PEG Server and Scheme Server.

Fixed ALPHANUMERIC + FPE Encryption Output Format¶

• Resolved an issue where ALPHANUMERIC + FPE encryption returned format-preserving output instead of Base64 after an upgrade.
• Corrected the encryption behavior to return the expected output format.

Enhanced Dataserver Dashboard with Additional Panels¶

Enhanced the Dataserver dashboard by adding new panels for improved monitoring and visibility into DataServer performance metrics.

Alerts Added for DataServer Panels¶

Two new alerts have been introduced to enhance DataServer monitoring by tracking critical metrics and identifying abnormal behavior:

• Signer High Latency: Triggers when the Signer API response time exceeds 2 seconds.
• PToken Generation Error Rate: Triggers when the PToken generation error rate exceeds 5%.

Metrics Support for Spark Plugin OSS Deployment¶

Added support for metrics in the Spark Plugin OSS deployment, along with a Grafana Dashboard for visualization.

Fixed False Alerts from Stale Tags and Modified Time Updates¶

This release includes fixes to the Discovery Service:

• Stale Tag Handling: Resolved an issue where stale tags in the unformatted view caused false alerts after table rescans involving schema or data changes. The unformatted view now updates correctly, preventing stale tags from being retained.
• Modified Time Accuracy: Updated table rescan behavior so that the modified_time field correctly reflects changes to the table, instead of incorrectly retaining the original created_time.

Base Image Upgraded¶

Base image upgraded to address CVE related issues.

Updated Application Dependencies¶

Upgraded application dependencies to address known security vulnerabilities identified in CVE (Common Vulnerabilities and Exposures) report.