Skip to content

You are viewing documentation for Immuta version 2021.5.

For the latest version, view our documentation for Immuta SaaS or the latest self-hosted version.

cancel

Immuta v2021.5.0 Release Notes

Immuta v2021.5.6

Immuta 2021.5.6 was released June 27, 2022.

Enhancements

  • Customer metrics output includes the version of Immuta used.

v2021.5.6 Bug Fixes

  • In the Redshift integration, users' metadata was not updated in the integration if their usernames contained apostrophes.
  • Editing Subscription Policies that were created using the Advanced DSL policy builder broke UI elements.
  • Users could not edit a schema project connection if the number of data sources in the project was too large (around 1500-2000 data sources).
  • Third-party services that implemented Immuta's webhooks interface sometimes blocked HTTP responses. To address this issue, the new webhook subscriber socket time-out value is 10 seconds by default, but this value is configurable.
  • After cloning Global Allow Anyone Subscription policies through the Immuta CLI, the output included allowDiscovery and shareResponsibility, but those fields should not be used in those policies.
  • Creating a new Snowflake integration timed out if users enabled Automatically ingest Snowflake object tags or Native Query Audit.

v2021.5.6 Known Bugs

  • Databricks: Errors occur when using mlflow.spark.log_model on non-Machine Learning clusters.
  • Editing a schema project to a database that already exists fails.
  • If Immuta's built-in identity manager (BIM) is manually disabled, the App Settings page freezes when a user selects Migrate Users from BIM when configuring an external IAM.

v2021.5.6 Migration Notes

  • All users must be on Immuta version 2020.2 or greater to migrate directly to 2021.5.6.

Immuta v2021.5.5

Immuta 2021.5.5 was released May 19, 2022.

v2021.5.5 Bug Fixes

  • Group permissions were not considered when users attempted to create data sources or Global Policies. For example, if a user was a member of a group that had the GOVERNANCE permission assigned to it, that user was not inheriting the GOVERNANCE permission. Consequently, when that user tried to apply a Global Policy to a data source, they received an error. However, if a user had the GOVERNANCE permissions applied to their account directly, they were able to create a Global Policy. This same behavior occurred with the CREATE_DATA_SOURCE permission.
  • The Teradata Native Lite integration generated SQL that caused a syntax error in Teradata when users created Only Show Rows policies.
  • Queries that contained ABS() that were run through the Query Editor (or directly using psql) did not compute the absolute value and did not appear in the remote query.
  • Editing a policy that contained special functions allowed all users to access the data source.

v2021.5.5 Known Bugs

  • Databricks: Errors occur when using mlflow.spark.log_model on non-Machine Learning clusters.
  • Editing a schema project to a database that already exists fails.
  • If Immuta's built-in identity manager (BIM) is manually disabled, the App Settings page freezes when a user selects Migrate Users from BIM when configuring an external IAM.

v2021.5.5 Migration Notes

  • All users must be on Immuta version 2020.2 or greater to migrate directly to 2021.5.5.

Immuta v2021.5.4

Immuta 2021.5.4 was released April 15, 2022.

v2021.5.4 Bug Fixes

  • If an SSL CA cert was used when setting up an LDAP IAM, clicking the Test LDAP Sync button resulted in an error.
  • Tags were removed from data sources if they were applied after data source creation and before the external catalog health check (which is triggered by navigating to the data source). However, tags applied to a data source during creation remained on the data source.

v2021.5.4 Known Bugs

  • Databricks: Errors occur when using mlflow.spark.log_model on non-Machine Learning clusters.
  • Editing a schema project to a database that already exists fails.
  • If Immuta's built-in identity manager (BIM) is manually disabled, the App Settings page freezes when a user selects Migrate Users from BIM when configuring an external IAM.

v2021.5.4 Migration Notes

  • All users must be on Immuta version 2020.2 or greater to migrate directly to 2021.5.4.

Immuta v2021.5.3

Immuta 2021.5.3 was released April 1, 2022.

Feature

Sensitive Data Discovery Global Template and Default Sample Size UI: Users can adjust these configurations on the App Settings page.

Upgrade Note

If users already had a Global Template or default sample size configured in the Advanced Configuration section, these configurations will migrate to the new Sensitive Data Discovery section on the App Settings page when they upgrade their Immuta instance.

v2021.5.3 Bug Fixes

  • Users were unable to enable multiple native SQL Analytics integrations.
  • When a user's group was deleted in an external IAM, that update appeared in Immuta but was not syncing properly in Snowflake.
  • Including leading or trailing whitespaces in configuration field values could cause integrations not to work as expected.
  • Workspace schema names for derived data sources within a project workspace must be unique.
  • The plugins volume that gets mounted in /var/lib/immuta was overwriting other artifacts.
  • If the payload was empty when making a request to the /sdd/run endpoint, a 500 error occurred.
  • An error occurred when saving an SDD template if the same tag appeared in multiple overrides objects in the payload.
  • CVE-2022-0654: Information Exposure in requestretry

v2021.5.3 Known Bugs

  • Databricks: Errors occur when using mlflow.spark.log_model on non-Machine Learning clusters.
  • Editing a schema project to a database that already exists fails.
  • If Immuta's built-in identity manager (BIM) is manually disabled, the App Settings page freezes when a user selects Migrate Users from BIM when configuring an external IAM.

v2021.5.3 Migration Notes

  • All users must be on Immuta version 2020.2 or greater to migrate directly to 2021.5.3.

Immuta v2021.5.2

Immuta 2021.5.2 was released February 25, 2022.

v2021.5.2 Bug Fixes

  • The configuration section on the App Settings page for a native workspace could break if the native handler was not enabled.
  • Databricks:
    • Views: Although users could create views in Databricks from Immuta data sources they were subscribed to, when users tried to select from those views, they received an error saying that the Immuta data source the view was created against did not exist or that they did not have access to it.
    • External Delta Tables: Querying an external Delta table that had been added as an Immuta data source as a non-admin resulted in a NoSuchDataSourceException error if the table path had a space in it.
    • Sensitive Data Discovery failed for Databricks data sources when initiated in the UI if the cluster was configured to use ephemeral overrides.
    • The integration did not work with the Databricks Runtime 9.1 maintenance update.
  • Ephemeral Overrides:
    • The UI was not displaying the checkbox to apply the ephemeral override to multiple data sources.
    • Ephemeral overrides were not being used when calculating column detection.
  • Out of memory errors occurred when several actions or jobs ran simultaneously, such as
    • Bulk disabling data sources
    • Bulk creating data sources
    • Column detection
    • Schema detection
  • Sensitive Data Discovery: Users could not configure sampleSize to override the default number of records sampled from a data source.
  • Snowflake Enterprise Edition Integration: When a data source existed in Immuta but not in Snowflake and a user tried to refresh the native policies, Immuta continuously retried to update the policies and then failed with the following error: Execution error in store procedure UPSERT_POLICIES: SQL compilation error: Table does not exist or not authorized.
  • Vulnerabilities
    • CVE-2022-0355: Information Exposure in simple-get
    • CVE-2022-0235: Information Exposure in node-fetch
    • CVE-2022-0155: Information Exposure in follow-redirects
    • CVE-2021-3807: Regular Expression Denial of Service (ReDoS) in ansi-regex
    • CWE-451: User Interface (UI) Misrepresentation of Critical Information in swagger-ui-dist

v2021.5.2 Known Bugs

  • Databricks: Errors occur when using mlflow.spark.log_model on non-Machine Learning clusters.
  • Editing a schema project to a database that already exists fails.
  • If Immuta's built-in identity manager (BIM) is manually disabled, the App Settings page freezes when a user selects Migrate Users from BIM when configuring an external IAM.

v2021.5.2 Migration Notes

  • All users must be on Immuta version 2020.2 or greater to migrate directly to 2021.5.2.

Immuta v2021.5.1

Immuta 2021.5.1 was released January 21, 2022.

v2021.5.1 Bug Fixes

  • Databricks Integration:

    • In migrated instances, the unique ID field was pre-populated with the hostname, and users could not edit the field.
    • Single-user Databricks cluster policy for sparklyr was formatted incorrectly.

  • Snowflake Integration:

    • Users could not edit the Snowflake system account username because it was a read-only field.
    • Save button wasn't clickable on the App Settings page when users disabled the Snowflake Enterprise Edition integration.
    • Users could query all project data sources (even those they were not subscribed to) when working under the context of a project.
    • Users were unable to create Snowflake derived data sources in the Snowflake Standard Edition integration.
    • Derived data source views were not displaying correctly on the data sources' Overview tabs.
    • Users could not rollback instances from the Snowflake Enterprise Edition to the Snowflake Standard Edition integration if Snowflake SQL-backed data sources existed.

  • Audit Logs: Some time zones caused an error with the minimum date that prevented access to the audit logs in the UI.

  • After they were created, data sources could not be manually linked to a catalog.
  • EMR integration: Users could not create data sources using the Kerberos authentication method.
  • CVEs:
    • CVE-2021-23214: Vulnerability in psycopg 3.0.3.
    • CVE-2021-3918: json-schema was vulnerable to Improperly Controlled Modification of Object Prototype Attributes.

v2021.5.1 Known Bugs

  • Databricks:

    • Errors occur when using mlflow.spark.log_model on non-Machine Learning clusters.
    • For Databricks data sources, Sensitive Data Discovery fails when initiated in the UI if the cluster is configured to use ephemeral overrides.

  • Snowflake integration:

    • Hard deleting a Snowflake data source with native controls doesn't remove policies.
    • Users cannot create Snowflake derived data sources in the Snowflake Standard Edition integration.

  • Editing a schema project to a database that already exists fails.

  • Users cannot create new Hive/Impala data sources using Kerberos authentication through the Immuta UI.

v2021.5.1 Migration Notes

  • All users must be on Immuta version 2020.2 or greater to migrate directly to 2021.5.1.

Immuta v2021.5.0

Immuta version 2021.5.0 was released December 23, 2021.

v2021.5.0 New Features

General Availability

v2021.5.0 Deprecations and Breaking Changes

  • Support for the following databases is deprecated:

    • Blacklynx
    • Jethro
    • MongoDB
    • SingleStore
    • SOLR
    • Yellowbrick

  • Support for Dataproc Spark is deprecated.

  • Policy export/import was deprecated in 2021.4 and replaced with V2 of the API.
  • Support for HDFS data sources was deprecated in 2021.4.

v2021.5.0 Migration Note

  • All users must be on Immuta version 2020.2 or greater to migrate directly to 2021.5.

v2021.5.0 Bug Fixes

  • CVE-2021-3918

  • Databricks:

    • Views with WHERE clauses that included a string with the SQL comment characters -- caused Immuta data source failures.
    • Aliases in view create statements were case-sensitive.
    • Creating a view in a scratch path database from a Snowflake data source resulted in an error: Error in SQL statement: NoSuchElementException: key not found: <masked column>
    • Using mlflow.spark.save_model and mlflow.spark.log_model was blocked by the Immuta Security Manager and other errors.

  • Databricks, Redshift, and Trino integrations: Attributes with two or more single quotes were not handled correctly.

  • Snowflake row access policy performance improvements.
  • Querying XML data from Oracle through the Query Engine did not work.
  • If users used to_char() in the Query Engine or through the Query Editor, the format string had illegal characters, which caused the query to fail.
  • Requesting access to a schema project with a large number of data sources (approximately ten thousand) caused 502 errors.
  • When creating data sources after an Alation catalog was configured, tags were not automatically added to the data sources.

v2021.5.0 Known Bugs

  • Databricks:

    • Errors occur when using mlflow.spark.log_model on non-Machine Learning clusters.
    • For Databricks data sources, Sensitive Data Discovery fails when initiated in the UI if the cluster is configured to use ephemeral overrides.

  • Snowflake integration:

    • Derived data source views don't display properly on the Overview tab.
    • Instances are unable to rollback from the Snowflake Enterprise Edition integration to the Snowflake Standard Edition integration if Snowflake SQL-backed data sources exist.
    • Hard deleting a Snowflake data source with native controls doesn't remove policies.
    • Users cannot create Snowflake derived data sources in the Snowflake Standard Edition integration.

  • Editing a schema project to a database that already exists fails.

  • Users cannot create new Hive/Impala data sources using Kerberos authentication through the Immuta UI.