Skip to main content

Release notes

2.24#

18 October 2021

Authorization and repository access#

  • Early access feature: Granular and dynamic repository access management with ChatOps: Cyral’s app in Slack handles just-in-time repository access requests and approvals.
  • Early access feature: Auto-approval: If an access request falls within the duration limits set by your administrators, Cyral can automatically approve it.

2.23#

13 September 2021

Repository support#

  • Denodo support
  • Connections to Redshift and Denodo via Tableau

2.22#

17 August 2021

Repository support#

  • Inline data classification on Snowflake

Identity and SSO#

  • Snowflake users who connect from Tableau are now looged with their Tableau identity data
  • Snowflake SSO with Azure Active Directory now supported

Authorization and repository access#

  • Support for non-TLS versions of the SQL Server client

2.21#

14 July 2021

Repository support#

  • MongoDB cluster support
  • Connections to Snowflake via Tableau, R with ODBC, Java JDBC, others

Identity and SSO#

  • ADFS (on-premises Active Directory) support
  • Easier integration with Okta

Secrets management#

  • Ability to use Cyral's Vault secrets management integration in a Hashicorp Nomad environment

Logging and auditing#

  • Logging of blocked queries on Snowflake repositories

2.20#

4 June 2021

Repository support#

  • New clients supported for SQL Server 2016: SQL Server Management Studio and Powershell

Identity and SSO#

  • G Suite identity provider

Authorization and repository access#

  • Ability to expose the Cyral auth token in native applications
  • Ability to block PostgreSQL queries that have no LIMIT clause

Secrets management#

  • Keycloak support for environments that use Aptible deployment
  • Add sidecar support for Hashicorp Nomad

Logging and auditing#

  • Audit logging of connect and disconnect events
  • Ability to insert user's session data as comments in queries, allowing logging to the repository's native log facility.

2.19#

7 May 2021

Repository support#

  • SQL Server

Identity and SSO#

  • ForgeRock
  • Azure Active Directory

Secrets management#

  • Support for Hashicorp Vault
  • Keycloak support for environments running all major deployment frameworks

Deployment and provisioning#

  • Control plane can be hosted in Google Kubernetes Engine (GKE)

Logging#

  • Cyral query log captures session parameters set via SET or SELECT set_config statements. See userConfigParameters in the Log Specification.

2.18#

5 April 2021

Repository support#

  • Oracle
  • Redshift

Identity and SSO#

  • SSO with Forgerock Identity Management (Forgerock IDM)

Authorization and repository access#

  • On-call access management integrated with PagerDuty schedules
  • Cyral policies now support rate limiting
  • Cyral policies now support query rewriting on PostgreSQL and Snowflake repositories

2.17#

5 March 2021

Upgrade and deployment features#

  • Downloadable sidecar templates to simplify rolling upgrades and redeployments
  • Ability to clone a sidecar for blue-green, or parallel, upgrades
  • Standard sidecar template can now contain G Suite SSO settings for Snowflake repositories

2.16#

5 February 2021

Identity and SSO#

  • Identity mappings are introduced as an improved replacement for explicit grants

Deployment and provisioning#

  • Support for autoprovisioning of the Cyral control plane and sidecars
  • Sidecar deployment templates now support enabling/disabling support for a particular repository type. For example, when deploying a sidecar, you can use this feature to turn off PostgreSQL support in that sidecar.
  • Support for provisioning CNAMEs and certificates for Snowflake sidecars
  • Support for Google's GCR and Amazon's ECR container registries for both Cyral control plane and sidecars
  • Improved variable names in sidecar templates to make them more intuitive for users

Logging#

  • All sidecar templates now support logging to Sumologic
  • Helm-deployed sidecars now support logging to Splunk and Kafka
  • Improvements in log volume settings: Logging can be set to log full table scans, and the logging facility now supports mixing sensitive log groups with DQL, DML, and DDL log groups.
  • Log volume settings are now customizable on Dremio repositories

Alerts#

  • Some Cyral preconfigured alerts are now supported on Snowflake repositories.