Article

What’s New in Immuta to Scale Access to Modern Cloud Data

2021 saw the continued adoption of cloud data platforms and solutions. Yet, the same challenges continued to persist, namely platform complexity and user complexity, with the explosion of user roles across organizations. Data consumption also continued to increase rapidly with the emergence of new use cases around machine learning, predictive analytics, and more, a trend we see continuing in 2022.

Immuta’s latest release focuses on a few key features that aid scalability and usability, including:

  • Databricks impersonation
  • Direct file reads for SQL in Spark
  • The ability to hard delete users
  • Attribute inheritance for users from IAM groups
  • Openshift 4.7 support
  • Bulk approval of subscription requests

In this blog, we’ll walk through the details of each new feature.

Databricks Impersonation

Immuta continues to deepen its integration with Databricks, and now supports impersonation in the Databricks plugin. This means that configured Databricks users can now impersonate any Immuta user and seamlessly enforce policies.

SET immuta.impersonate.user=some_user@company.com;

The primary use case for impersonation tends to be BI dashboards with many end users accessing data using a single service account. By supporting impersonation natively, data platform teams can enforce policies for each end user which leads to faster onboarding processes and safe access to dashboards for more end users. In some cases, data teams may not need to create native accounts for all of their users because Immuta users that don’t exist in the remote system can be impersonated.

Direct File Reads for SQL in Spark

For users who want to manage policies against direct file reads in Spark, Immuta now supports file reads in both Databricks Spark and non-Databricks Spark with support for all major cloud storage. This includes Amazon S3 and ADLS, as well as most major Databricks file types, such as CSV, Delta, Parquet, ORC, AVRO, and EMR file types like Parquet and ORC.

Ability to Hard Delete Users

Previously, users could only be soft deleted, or disabled, in Immuta. For many users, a soft delete was sufficient for compliance with rules such as GDPR. However, some customers require a hard delete of users to comply with their interpretation of various internal and external rules. Admins are now able to hard delete a user from the Immuta platform so that the user is deleted, but their audit logs remain intact.

Attribute Inheritance for Users From IAM Groups

Previously, applying attributes to individual users was inefficient and tedious. This was especially true for users who might have already been grouped in an external identity access management system (IAM). Now, Immuta admins can apply Immuta attributes to groups from external IAMs so that they are inherited by Immuta users within that group thus greatly simplifying management. This allows them to see attribute-based access control (ABAC) policies in action.

Openshift 4.7 Support

Starting with Immuta Helm Chart v4.8.0, you will be able to deploy Immuta on OpenShift. Openshift is one of the main Kubernetes platforms, allowing users to build, deploy, and run applications with a consistent experience. It is widely deployed and its support is vital for organizations that self-manage their Immuta instances.

Bulk Approval of Subscription Requests

Approvers can now bulk approve pending subscription requests from data users without needing to skim through a handful of requests. Approvers that require manual approval processes are empowered to decide how they want to manage bulk subscription requests and their organization’s data users can now get access to data much faster. For instance, an admin with 5,000 requests waiting for manual approval does not need to approve a block of users at a time – the entire 5,000 can be done at once.

Next Steps

Existing customers can now leverage Immuta’s new capabilities and other innovations for cloud data platforms on our self-managed or SaaS deployment. If you’re new to Immuta and want to get a personalized capabilities briefing, request a demo with one of our team of experts.

Ready to get started?

Request a Demo