Skip to content

You are viewing documentation for Immuta version 2.8.

For the latest version, view our documentation for Immuta SaaS or the latest self-hosted version.

Immuta v2.8.0 Release Notes

Immuta v2.8.0

Immuta version 2.8.0 was released February 13th, 2020.

v2.8.0 New Features

Major Features

  • Query Editor: The Query Editor allows you to execute queries against data sources within the console.

  • Policies Page: This page allows you to manage and search policies, and potential conflicts are pre-computed as you build policies.

  • External Masking: You can now store data masked with custom encryption or other algorithms on-ingest into your database and set policies to allow Immuta to decrypt on-read using your algorithm and keys; consequently, decryption only happens where you deploy Immuta, which could be on-premises, while data on-cloud remains masked.

  • HIPAA Safe Harbor: Immuta now ships with a staged HIPAA Safe Harbor policy, so you simply need to activate this policy to be HIPAA Safe Harbor compliant. This is the first of many automated policies to ship with Immuta.

  • K-Anonymization Policy: Masking with K-Anonymization examines pairs of values across columns and hides groups that do not appear at least a specified number of times (k).

Minor Features

  • Immuta Tableau connector allows Tableau users to connect directly to an optimized Immuta connection rather than PostgreSQL.

  • Immuta supports protecting S3 data down to the prefix-level (no longer just bucket-level) and reuse of SQS queues across prefixes in the same bucket.

  • You can manage KDC domains through the App Settings page.

  • You can now override the rounding policy precision when building a Global Policy.

  • If Global row-level policies contain references to a tag in the WHERE clause that doesn't exist in the data source, the policy is not applied.

  • Ignored directories can be configured in HDFS.

  • Simplified user impersonation: With the configured power user in PostgreSQL, impersonation is possible without a user API token.

  • Configuring attributes from an external identity provider in the Immuta configuration UI is possible in addition to configuring groups.

  • Tag matrix report: This report option details what users have accessed data sources containing any tag.

  • Support for CDH 6. Note: You should upgrade Immuta before you upgrade to CDH 6.

v2.8.0 Major Bug Fixes

  • None.

v2.8.0 Known Bugs

  • None.

v2.8.0 Deprecation Notices

  • None.

v2.8.0 Breaking API Changes

  • None.

v2.8.0 Migration Notes

The mechanism that generates salts and keys for masking policies has changed in v2.8.0. There are two impacts to this change:

  1. Any pending unmask requests will not work. All unmask requests should be handled prior to the migration, or the query will need to be re-run after the migration and new unmasking requests will need to be resubmitted.

  2. You may experience issues with existing Project workspaces with data that has already been written to the workspace. If data has been written using the old masking scheme (including hashing, reversibility, and format preserving policies) before the migration, and then data is written post-migration, the same data will not mask to the same value, so you will not be able to do a join.

Immuta v2.8 Patch Releases

See the following pages for details about each release: