Skip to content

You are viewing documentation for Immuta version 2023.2.

For the latest version, view our documentation for Immuta SaaS or the latest self-hosted version.

Immuta v2023.2 Release Notes

Immuta v2023.2.6

Immuta v2023.2.6 was released December 20, 2023.

Bug Fix

After a Redshift integration connection test was successful in the Immuta UI, users encountered an Internal server error when attempting to save the integration settings.

Immuta v2023.2.5

Immuta v2023.2.5 was released October 12, 2023.

Bug Fix

Users encountered this error when disabling Snowflake table grants: Error: Query timed out. The connection information may be incorrect. Please double check and try again.

Known Bug

Attempting to GRANT SELECT on a shared view in Snowflake fails with the following error: UDF IMMUTA_PROD.IMMUTA_SYSTEM.GET_ALLOW_LIST is not secure. This issue will be addressed in Immuta v2023.3.1.

Immuta v2023.2.4

Immuta v2023.2.4 was released September 26, 2023.

Bug Fix

Users could not query Starburst (Trino) data sources registered using OAuth authentication and got the following 400 error: This data source was created using anonymous authentication. Users can now set an admin username globally on the Immuta app settings page when using OAuth or asynchronous authentication to create Starburst (Trino) data sources.

Immuta v2023.2.3

Immuta v2023.2.3 was released September 22, 2023.

Bug fixes

  • Global subscription policies that used the @hasTagAsGroup or @hasTagAsAttribute variable were not granting and revoking users' access to tables properly.
  • Users could not create Azure Synapse Analytics data sources.
  • Fixes to address issues that caused Snowflake table grants configuration to fail.

Immuta v2023.2.2

Immuta v2023.2.2 was released August 16, 2023.

Bug fix

Redshift validation tests required CREATE ON PUBLIC for the Immuta system account, and it should not have been a requirement.

Immuta v2023.2.1

Immuta v2023.2.1 was released August 10, 2023.

Bug fixes

  • Native Snowflake policies and grants were not properly synced when users performed CREATE OR REPLACE on a table.
  • If OAuth was used as the authentication method, users encountered an error when creating a data source with schema monitoring enabled or enabling schema monitoring for an existing data source.
  • Fix to address the impact of a recent Databricks change that caused a NoSuchFieldException error when querying data on Databricks clusters with Unity Catalog enabled.
  • If whitespaces trailed or prefixed a project name when creating a Google BigQuery data source, the view was not created in Google BigQuery.
  • Vulnerabilities addressed:
    • CVE-2021-46708: Immuta no longer publishes the Swagger API, which removes the ability to exploit this vulnerability. Although the affected library is a downstream dependency of a package Immuta uses, the library that contains the vulnerability is not used by Immuta.
    • CVE-2023-37920
    • CVE-2023-38704

Breaking Changes

Unity Catalog native query audit requires the public preview version of system tables in Unity Catalog to be enabled. Follow the Databricks documentation to enable system tables.

Immuta v2023.2.0

Immuta v2023.2.0 was released July 14, 2023.

New features

  • Databricks metastore magic: Migrate your data from the Databricks legacy Hive metastore to the Unity Catalog metastore while protecting data and maintaining your current processes in a single Immuta instance.
  • SAML single log out: Minimize security risks by enabling SAML single log out, which terminates abandoned sessions after a timeout event occurs or after a user logs out of Immuta, their identity provider, or another application.
  • Native schema monitoring for Snowflake: Monitor data in your Snowflake environment. This feature detects when new tables or columns are created or deleted and automatically registers (or disables) those tables in Immuta for you. Native schema monitoring for Snowflake also improves performance of legacy schema monitoring and enhances it by detecting destructively recreated tables (from CREATE OR REPLACE statements), even if the table schema wasn’t changed.
  • Sensitive data discovery customization is now GA: Sensitive data discovery (SDD) is an Immuta feature that uses sensitive data patterns to determine what type of data your column represents. SDD customization allows for organizations to create and insert their own patterns into SDD which will be recognized and then tagged when found.
  • Native query audit is now available for the Databricks Unity Catalog integration: Data access activity from Unity Catalog is audited and can be viewed as Immuta audit logs in the UI or exported.

Enhancements

  • Tag side sheet: Tag experience has been improved with the addition of tag side sheets, which provide contextual information about tags and can be accessed wherever tags are applied.
  • Tags details page: Tags now have a details page that provides valuable information about the tag itself and where it is applied within your data environment.

Deprecations

Deprecated items remain in the product with minimal support until their end of life date.

Feature Deprecation notice End of life (EOL)
Amazon EMR Spark and Hive 2023.2 2024.2 LTS
Configuring data source expiration 2023.2 2023.4
Interpolated comparison WHERE clause function 2023.2 2024.2 LTS
Snowflake integration without Snowflake governance features 2023.2 2024.2 LTS
Legacy Starburst (Trino) integration (Use the Starburst (Trino) v2.0 integration instead.) 2023.2 2023.4

Removed features

  • The metrics tab and query tab have been removed from the data source view page.
  • The data source health check button has been removed from the data source health menu. Use these health checks instead.
  • Single Node Docker installations are no longer supported. Use Kubernetes to install Immuta.

Bug fixes

  • Fix to address an issue that prevented Snowflake data sources from being created when table names contained a single quote.
  • Bulk adding Redshift data sources and then updating policies applied to those data sources sometimes did not update the views to reflect the policy changes in Redshift.
  • Removing users from a group in Okta did not remove them from that group in Immuta.
  • If a Snowflake integration was configured with a Snowflake catalog, users could not configure another external catalog because the test connection button remained disabled.* Fix to address the configuration of Snowflake keyPair with Snowflake integrations.
  • Enhanced policy variables in subscription policies did not work with Snowflake table grants enabled.
  • Fix to address re-enabling disabled integrations.
  • Data sources created through the Immuta V2 API could not be deleted through the UI.
  • The Redshift integration did not properly create views for tables that included column names with special characters. When users queried those views, they received column doesn't exist errors.
  • Members with timed access to a data source in Immuta could still query data in Snowflake after their access had been revoked in Immuta.
  • Vulnerabilities:
    • CVE-2023-30861
    • CVE-2023-32681

v2023.2 migration note

All users must be on Immuta version 2022.5 or newer to migrate directly to 2023.2.