Skip to main content
Skip table of contents

New features

Release 5.0.1

Enhancements

  • Data scoped Access Group

    • Enhancement in Roles
      Associated permissions in roles are changed from 'string' type to 'permission object' type. For details, see the Role schema in the API References.

    • Custom Roles
      In addition to the 5 pre-seeded fixed roles (Admin, Monitoring, DevOps, Masking, and Owner), DCT provides flexibility to create new custom roles as per user need. Users (Accounts) can create new custom roles by encapsulating any combination of permissions. The custom roles can be configured through a UI configuration screen (screenshot below), in addition to a set of APIs to manage roles. For details, see the API References.

  • Updates to existing RBAC model
    For better usability and allow to set more granular permissions there are following enhancements in the RBAC model: 

    • Renamed Access Group "Policy" to Access Group "Scope"

    • Renamed the following APIs related to Access Group actions

      • Add scope to an Access Group
        POST: /access-groups/{accessGroupId}/policies → POST /access-groups/{accessGroupId}/scopes

      • Remove scope from Access Group
        DELETE /access-groups/{accessGroupId}/policies/{policyId} → DELETE /access-groups/{accessGroupId}/scopes/{scopeId}

      • Get Access Group scope
        GET /access-groups/{accessGroupId}/policies/{policyId} → GET /access-groups/{accessGroupId}/scopes/{scopeId}

      • Update Access Group scope
        PATCH /access-groups/{accessGroupId}/policies/{policyId} → PATCH /access-groups/{accessGroupId}/scopes/{scopeId}

      • Add object tags to Access Group scope
        POST /access-groups/{accessGroupId}/policies/{policyId}/object-tags → POST /access-groups/{accessGroupId}/scopes/{scopeId}/object-tags

      • Remove object tags from Access Group scope
        POST /access-groups/{accessGroupId}/policies/{policyId}/object-tags/delete → POST /access-groups/{accessGroupId}/scopes/{scopeId}/object-tags/delete

      • Add objects to Access Group scope
        POST /access-groups/{accessGroupId}/policies/{policyId}/objects → POST /access-groups/{accessGroupId}/scopes/{scopeId}/objects

      • Remove objects from Access Groups scope
        POST /access-groups/{accessGroupId}/policies/{policyId}/objects/delete → POST /access-groups/{accessGroupId}/scopes/{scopeId}/objects/delete

    • Renamed the "everything" flag to "scope_type"
      In order to make it more understandable, we have renamed the everything flag to scope_type. There are three possible values for scope_type i.e. SIMPLE, SCOPED and ADVANCED. The value SIMPLE corresponds to everything=true and SCOPED corresponds to everything=false. The value ADVANCED for scope_type is new enhancement to setting permissions which allows users to set permissions (e.g. READ, DELETE) for an object. There is more information about ADVANCED scope in next section.

    • Access Group Scope: Advanced scope type
      In Add objects to access group scope API, now user can define permissions level checks as well for an object. For example, earlier when object_id and and object_type are provided in request payload, all permissions that are defined in scope are applied to this object. But now user can define specific permissions.

  • Masking Jobs

    • CRUD APIs, COPY, Connectors CRUD

  • Masking Job Execution

    • Connector Credentials

    • Execution API

Custom Roles

  • Accounts can create new instances of role encapsulating any combination of permission.

  • Role name must be unique.

  • Custom roles can be updated. Accounts can add or remove permissions to/from the custom roles.

  • Custom roles can be deleted. (If they are not associated with any Access Group).

Release 4.0

  • Environment Overview List

  • Un-virtualized Source Sizing Report

  • Global VDB Templates

  • Scoped Access Control

  • LDAP/AD and SAML/SSO Configuration UI

Release 3.0

  • Cluster Node (RAC) management APIs

  • Ability to disable username/password authentication globally

  • LDAP/Active Directory groups

  • CDBs/vCDBs APIs

  • VDB Provisioning / update for EDSI (AppData) platforms

  • Engine registration wizard

  • Access Groups Management UI

  • Compliance Engine Management

Release 2.2

Deployment

  • Introducing Kubernetes and OpenShift support

APIs

  • Registration of Continuous Compliance Engines

  • Masking Connectors

  • “Move Masking Job”

  • Masking of mainframe objects

  • Provisioning enhancements for Oracle multi-tenant and RAC

  • LDAP/Active Directory authentication

  • Password management

  • Initial access management by Permissions, Roles, Policies, and Access Groups (permissions applied to all objects of a type e.g. Stop VDB permission on all VDBs)

  • Distributed tracing and logging (Trace ID propagated down call stack)

  • Bulk delete of tags

UI

  • Continuous Data

    • Added tag support to the Infrastructure page

    • New dSources page

    • New VDBs page

  • Insights

    • Added an export behavior to the Storage Summary report

    • New dSource Inventory report

    • New VDB Inventory report

  • Admin

    • New Accounts page

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.