Known Issues in PrivaceraCloud 3.0

PrivaceraCloud Release 3.0.0.1

The following are known issues in PrivaceraCloud 3.0 release.

  • CLOUD-2560: For Spark Object-Level Access Control with external Hive metastore, Spark SQL does not work.
  • CLOUD-2596: The Databricks plug-in fails to obtain the policy details of newly created tags.
  • CLOUD-2892: When a previously scanned resource is scanned again, the Data Discovery Overview report shows the message "No data to display."
  • CLOUD-3096: In the Scan Summary report, the .xls file type is shown as failed.
  • CLOUD-3185: For groups or users synced into Privacera from an external IdP (LDAP- or LDAP-SSL-based sources, such as Okta, AD, AAD, or SCIM-based sources), deleting the imported group or user in Privacera causes a subsequent UserSync to fail.
    Workaround: Do not delete the imported group or user in Privacera.
  • CLOUD-3255: For Databricks UDF encryption, users whose usernames contain capital letters cause the error message "Full authentication required" error and encryption fails.
  • CLOUD-3306: For users previously added to a group with access to a Databricks data source, a change in group membership is not updated. New users added to groups are successful.
  • CLOUD-3333: In security zones created for Databricks SQL, usage permission is not applied for policy.
  • CLOUD-3344: In some cases, searching in the paginated policy listing might result in a blank page.
    Workaround: Go to the first page and advance page-by-page through the listing.
  • CLOUD-3526: Snowflake advanced audit access history is not working.
  • CLOUD-3534: When policy with MS SQL is applied to a user whose username contains a period (.), the period is converted to an underscore (_).
  • CLOUD-3539: The email address of a new user who accepts the invitation to join an account becomes blank.
  • PRIV-7328: If inactive for 15 minutes after starting, Glue metastore fails to initialize the cluster.
  • PRIV-8469: Spark Fine-Grained Access Control: Access control via privacera_files for an insert overwrite on the local directory displays extra characters.
  • PRIV-8454: Spark access control is not supported on Zeppelin Notebook without Livy.
  • PRIV-8457: Fine-Grained Access Control: If a resource path has a space in it, the wrong resource is shown in Ranger Audits.
  • PRIV-8515: Fine-Grained Access Control: If the username has a full email address, access control does not work properly.
  • PRIV-8456: Fine-Grained Access Control: Unwanted error messages in Databricks startup logs.
  • PRIV-8461: Fine-Grained Access Control on Azure: Access control fails for files with special characters in their names.
  • PRIV-8462: Object-Level Access Control, Fine-Grained Access Control: Client IP address is not displayed for R language queries.
  • PRIV-8468: Object-Level Access Control, Fine-Grained Access Control: For Databricks notebooks, email address erroneously recorded in "permission denied" messages, instead of the correct Ranger username.

Last update: August 20, 2021