New features

Delphix has announced the depreciation of support for Docker Compose with DCT version 13.0.0. The January 2024 release starts a 12-month depreciation period for all supported versions on Docker Compose. All prior and current product versions will continue to be supported on Docker Compose until January 2025. However, production DCT workloads in Docker Compose are not supported. 

It is highly recommended that new DCT installations are performed on Kubernetes or OpenShift. 

DCT currently supports Continuous Compliance Engines on version 6.0.13.0 and up, however, Delphix highly recommends upgrading Compliance Engines up to version 20.0.0.0 before connecting them to DCT. Please see this technical bulletin for more details.

Release 16.0.0

• Data Risk report
  DCT now shows sensitive data risk for all database connectors on DCT-connected Continuous Compliance Engines. This includes details on whether a data connection has been profiled, contains sensitive data (discovered during profiling), and whether that sensitive data has been masked.

Record coverage metrics are only supported on Continuous Compliance Engines running version 20.0.0.0 or higher. File masking connections will be added in subsequent releases.  

• Block Storage report (capacity trends)
  DCT now persists and shows storage trend data for connected Continuous Data Engines. This data defaults to aggregating all connected engine storage, but can be filtered to show a specific engine or group of engines. This report also includes a three and six month projection to assist administrators with capacity forecasting. 

  • Block Storage report (Top 5 Storage Usage Trends): Building off the Capacity Trends view, DCT shows a breakdown of the top 5 engines (by used capacity) on a stacked trend chart to add a level of granularity on the largest storage consumers. This chart can be filtered via search and includes a projection capability for forecasting. 

  • Block Storage report (Top N Storage Capacity): DCT now drives better granularity on block storage detail (Reserved, dSource, VDBs, Free Capacity) at the engine level. This view defaults to the top 10 or 15 engines by block storage volume, but this view can be filtered using search. 

• Storage Savings report
  DCT now shows a granular Storage Savings view to assist users in determining aggregate object counts, storage consumption, and estimated savings. This report defaults to all objects on all engines, but can be filtered via search. 

• Autotagging
  DCT now has the ability to propagate engine-based groupings as tags in DCT. This includes Dataset Groups for Continuous Data, and Environments and Applications for Continuous Compliance. This feature can be turned on at engine connection or from the engine configuration screen and will stay in sync with an engine until turned off. Auto tags will persist, but will no longer auto update.

• Replication profile management support
  Users can now create, update, and delete replication profiles centrally via DCT APIs. Additionally, DCT now has the ability to create replication profiles from the DCT UI via a wizard that can be found on the Replication Profiles List page. Additional replication UI functionality will be added in subsequent releases.

• Oracle Container Databases enable/disable actions
  DCT users are now able to better manage their Oracle container infrastructure (CDB and vCDB) centrally via the DCT API and UI with enable/disable functionality.

• Simplified Bookmark sharing
  Bookmark privileges have been updated to simplify the sharing process. By default, Bookmark visibility is set to Private, where a user’s read and refresh Bookmark permissions are based on the user’s same permissions on the parent VDB. Bookmarks can be easily shared with all compatible VDBs (i.e. VDBs with the same ancestry) by toggling the Visibility value as Public. This aligns closely with the sharing of bookmarks in Delphix Self-Service.

• Source and origin Timeline display
  Introduced additional detail to each Timeline on the Timeline History tab. Information helpful to users understand where their data is coming from. The Origin Source and Origin Timeline Location details the originally ingested dSource. The Parent Source and Parent Timeline Location details the last source in the lineage. This might be the original dSource, masked parent VDB, or even a sibling who shared a bookmark.

• Enhanced Bookmark permissions
  New permissions are introduced for bookmarks operations like create, read, update, etc. Bookmarks also inherit permissions from its parent dataset (VDBs and Bookmarks) now.

• Terraform Provider
  Changed the default value of wait_time to 0 and removed the storage_size variable to resolve upgrade issues. In future versions of the Terraform Provider, full upgrade-in-place support will be implemented.

• Azure support for PasswordVault
  Azure support is now added for PasswordVault, joining HashiCorp and CyberArk.

Realase 15.0.0

• Enhanced bookmarks organization/search
  The bookmark user experience, including search on VDB and dSource Details pages, has been updated. VDB visibility on the central bookmark, the VDB’s bookmark, and VDB wizard pages has been improved. Bookmarks are also supported via DCT-orchestrated replication.

• Timeline History UX updates
  DCT has consolidated the Active Timeflow and Timeflow History tabs into a single Timeline tab. The new page is similar to the former timeflow history, but now with a search bar and sorting capabilities. You can now sort upon timeline activation [default], timeline creation, parent timeline location, and origin timeline location to enable better identification and filtering for the varying timelines of your datasets.

• Global Compliance Object Sync Report
  The compliance Global Object is the aggregate representation of all multi-use objects (algorithm, domains, rule sets, etc.) on a Continuous Compliance Engine. These objects, among others, are versioned by the Continuous Compliance Engine to clarify if there have been settings or behavioral changes. DCT now surfaces those versioning details to better illustrate if and where there are differences in objects. This could, for example, expose whether or not two engines will mask with identical outputs or not. 

• Oracle CDB Inventory report
  DCT now features an Oracle Container Database (CDB) report that lists both virtual and physical resources across all connected engines, as well as associated pluggable database (PDB) relationships.

• MongoDB and delimited file support via DCT UI
  DCT now supports executing and modifying existing MongoDB and delimited file Hyperscale Compliance jobs. 

• Kubernetes driver
  Support has been added for taking a VDB volume snapshot and provisioning a VDB from a snapshot. In addition, various bug fixes impacting general dataset creation and deletion have been resolved.

• Terraform provider
  There is a new Database resource in the Terraform Provider that allows users to create and delete PostgreSQL environment source configurations.

Release 14.0.0

• New APIs for PostgreSQL
  New APIs have been added, providing the function to create, update, or delete database APIs for PostgreSQL.

• Bug fixes and improvements
  This release focuses on bug fixes and general improvements.

Release 13.0.0

• Algorithm centralization
  To enable better visibility into compliance, masking algorithms across all connected Continuous Compliance Engines can now be centrally viewed in DCT.

• Expanded source linking
  Over the past few years, Staging Push has been introduced, allowing users to bring their own data to Continuous Data. The DCT UI now supports linking for Oracle, SQL Server using Staging Push.  In addition, ASE and SDK connectors such as Postgres, Db2, MySQL, HANA, and MongoDB. 

• Hyperscale Compliance UI enhancements
  Several improvements have been added, including enabling the management of Continuous Compliance Engine assignments of Hyperscale Jobs.

• DCT Toolkit enhancements
  Based on user feedback, several improvements have been made to the fully supported CLI for DCT. Notably, dct-toolkit allows users to provide engine names as values for 'id' options.

• Continuous Data jobs progress
  Users can track job progress in real-time through the Operations UI. 

• Improved Replication visibility
  Replication, used for data movement, disaster recovery protection, Sensitive Data Distribution, and more, requires setting up relationships between Continuous Data Engines. To provide better visibility on these relationships, they have been added to DCT. To further simplify this user experience, the target Continuous Data Engine and dataset are now linked together.

• Engine Performance trend lines
  Historical trend lines have been added to the recently introduced Engine Performance reports.

Release 12.0.0

• Delphix Kubernetes driver
  Virtual databases (vDB) can be provisioned into containers through Helm charts and kubectl commands using a new, pre-built DCT integration. Teardown of these containers can also be automated, enabling ephemeral infrastructure for Kubernetes-based applications.

• Engine performance reports
  New Continuous Data and Compliance reports have been added to improve the central management of engine infrastructure performance. You can now view allocated resources and track performance for all connected engines, including disk latency, network latency, and throughput.

• Hyperscale Compliance jobs
  DCT now has support for creating, managing, and executing Hyperscale Compliance jobs. The concept of Engine Pools have been introduced along with several other enhancements to refine the overall experience.

• User experience improvements
  Several enhancements including customizing the columns across all tables, increased color contrast for better accessibility, simplified navigation across tabs, and a variety of visual style improvements.

• Replication tag inheritance
  DCT now offers API-based simplified tag management for parent/child replication deployments, optionally syncing source tags to a target replica. 

• Oracle and SQL Server source linking
  Linking sources for Oracle and SQL Server is now supported in the user experience, along with creating bookmarks.

• Terraform provider
  A new Terraform resource facilitates creating and deleting Oracle dSources. This expands on the existing data source support with the provider.

Release 11.0.0

• dSource linking support (API only)
  The ability to create dSources for MSSQL (single instance and cluster), Oracle Staging Push, and MSSQL Staging Push has been added. In addition, dSource linking for older engine versions back to 6.0.7 is now supported.

• Last Refresh column added to the VDB tab
  A new column called Last Refresh has been added to the VDB tab, which shows the last refresh date/time of a VDB.

• download.delphix.com enhancements for container-based upgrades
  Changes have been made to download.delphix.com, making it easier to build installation and upgrade automation for DCT using repository-management products like JFrog Artifactory.

  • If you are installing DCT for the first time, please follow the standard installation documentation.

  • If you have an existing installation of DCT you must take the following steps to perform upgrades:

    • Update the registry URL to the new address (http://dct.download.delphix.com) in the values.yaml file.

    • Update the credentials with the new permanent credentials in the values.yaml file.

    • If your organization leverages an allow (white) list, please update the list with the new repository URL(s).

Release 10.0.0

• dSource linking support (API only)
  We have added the ability to create dSources for Oracle, ASE, and Postgres via API. This is currently available for Delphix Continuous Data Engines on version 8.0 and above. Future releases will include full support for all data sources and inclusion of older engine versions.

• Hyperscale Compliance UI (read-only)
  DCT has released a Hyperscale UI under controlled availability. Please reach out to your account team to activate this feature. This enhancement includes the ability to:

  • Register Hyperscale Orchestrators with DCT.

  • Visualize Hyperscale infrastructure configuration parameters such as clusters of engines and mount points.

  • Report on Hyperscale Jobs and Job executions, including near-realtime process feedback.

• Compliance Job Executions report
  For connected Continuous Compliance Engines, DCT now has a new report under DCT Insights that displays all recent job executions (including DCT initiated, engine initiated, and Hyperscale initiated jobs) as well as relevant compliance metrics.

• Provisioning wizard enhancements
  The DCT provisioning wizard now supports provisioning Oracle multi-instance (multi-tenant) and ASE VDBs.

• Operations page
  The DCT Operation page now includes initiator details, which provides visibility of what user/account initiated a job.

• Support for creating a bookmark at point-in-time
  DCT now has the ability to create bookmarks on VDBs under a specified point-in-time via both API and UI. This feature is only compatible for databases that support LogSync and have it enabled.

• VDB lock/unlock
  Users now have the ability to lock a VDB, preventing any sort VDB-based activity (refresh, start, stop, delete, and create bookmark).

• Custom hook support in the DCT UI
  Delphix users now have the ability to add custom hooks to a VDB at the time of provision (as part of the provision wizard UI) and update them under a VDB details page, so that they will execute during refresh operations.

Release 9.0.0

• Jenkins support
  An official Jenkins plugin is now available for Data Control Tower, joining the existing ServiceNow and Terraform integrations. This plugin helps automate the use of data in your CI/CD pipelines and includes support for provisioning and destroying VDBs.

• DCT Toolkit
  We’ve launched a new command line interface (CLI) offering, the DCT Toolkit. The DCT Toolkit allows for remote operation and control of Data Control Tower via your local terminal. Over time, this will replace the previously available DxToolkit.

• Infrastructure wizard
  The create infrastructure flow now supports adding Windows standalone and cluster hosts, as well as Linux cluster hosts. This is expanded from the previous flow that supported standalone Linux hosts. This differs from the workflow on the Continuous Data engine in that it represents a single place to create environment host connections for all connected Delphix engines.

• Provisioning wizard
  The data provisioning workflow now includes additional database types, including Oracle Single Instance Multi-tenant, Oracle Multiple Instance Single Tenant, and SQL Server Multiple Instance Single Tenant.

• Operations dashboard improvements
  Previously, all users could view all operations run by any user on the Operations page. Role-based access can now be provided to different users, showing only operations the user has access to. Simplified text is now used to define the Type column, as well as the Type and Engine Name in the details page.

• Activity Audit Log Summary report
  The Activity Audit Log Summary provides a high-level audit log summary capturing the utilization of DCT by displaying user activity and the historical count of actions executed within the platform.

• Replication mappings
  This feature helps users differentiate between replicated objects and original objects, in case of master and replicated engine, both are registered with DCT.

Release 8.0.0

• Operations dashboard
  Monitor and manage enterprise data activities in real time using a new central view. This provides visibility to the current status across the full complement of Delphix transactions, including provision, refresh, teardown, and compliance jobs.

• Provisioning wizard enhancements
  The data provisioning wizard has been expanded to support additional types, including Oracle Single Instance Linked CDBs and Microsoft SQL Server Single Instance workflows. This will now allow you to provision more data types directly from Data Control Tower. 

• Advanced search tags support
  The advanced search capabilities now support all user-generated tags. You can use personalized tags related to your unique business needs to refine your search results, such as team names or other specific data points.

Release 7.0.0

• Provision VDB UI
  Extending the Developer Experience capability in DCT, users can now provision single-tenant Oracle databases from the user interface using an intuitive wizard workflow.

• Refresh VDB UI enhancements
  The VDB list can now be opened in a searchable, paginated list selector from within a dialog by clicking the select button in the input. Additionally, refreshing a VDB by a bookmark is now available. 

• VDB template import
  Importing and removing imported VDB templates from connected engines is now an available action from the "VDB Config Templates" page. 

• Environment details enhancements
  Managing cluster environment infrastructure has been made easier with the ability to edit host details directly from the page.

Release 6.0.0

• Developer Self-Service UI
  Developers and admins now have the ability to centrally orchestrate common Continuous Data and developer operations from the DCT UI.  This includes the ability to refresh, rewind, bookmark, and bookmark share (refresh to relative). This functionality also exposes the notion of time flows (non-active timelines), which is a critical tool for viewing past work on a VDB, such as the chronology of test results.

• Central compliance orchestration
  The compliance job UI now enables job orchestration and reporting. This includes Job Copy and Execute functions as well as a complete historical job execution log within each compliance job’s details view. 

• Bookmark UI
  Developers and admins now have added visibility of bookmarks, both globally and contextualized, to individual VDBs. These visualizations are dual purpose; for administrators, these screens help with reporting and tagging on bookmarks, while for developers, these screens act as a catalog of actionable data references. 

• Global Bookmark List
  View all bookmarks across your entire connected Delphix ecosystem. This screen will show bookmarks for both single VDBs and VDB groups.

• VDB Bookmark List
  See all bookmarks tied to this individual VDB. This is helpful for sharing bookmarks with team members who have a compatible VDB (same parent and provision point). 

• Environment details page
  Users can now orchestrate common environment actions via the DCT UI including enable, disable, environment refresh, and delete, as well as editing host details. Note, editing host details is only applicable to standalone environments at this time.

• Access visibility
  Object detail pages will include an access tab that provides visibility to user access and the associated permissions for each user. This is a critical enabler for permissions visibility and auditing.

• Copy/delete functionality on role scopes
  Scoped roles can now be copied and deleted within the DCT UI. This will enable easier administration, especially around the use of custom roles, as admins can now copy and modify new roles from templates. 

• External Postgres DB support
  DCT now supports the use of an external Postgres database to house DCT metadata. Previously, DCT supplied and managed its own database, requiring persistent storage within the container platform.  

Release 5.0.1

Enhancements

• Data scoped Access Group

  • Enhancement in roles
    Associated permissions in roles are changed from 'string' type to 'permission object' type. For details, see the Role schema in the API References.

  • Custom roles
    In addition to the 5 pre-seeded fixed roles (Admin, Monitoring, DevOps, Masking, and Owner), DCT provides flexibility to create new custom roles as per user need. Users (Accounts) can create new custom roles by encapsulating any combination of permissions. The custom roles can be configured through a UI configuration screen (screenshot below), in addition to a set of APIs to manage roles. For details, see the API References.

• Updates to existing RBAC model
  For better usability and allow to set more granular permissions there are following enhancements in the RBAC model: 

  • Renamed Access Group "Policy" to Access Group "Scope"

  • Renamed the following APIs related to Access Group actions

    • Add scope to an Access Group
      POST: /access-groups/{accessGroupId}/policies → POST /access-groups/{accessGroupId}/scopes

    • Remove scope from Access Group
      DELETE /access-groups/{accessGroupId}/policies/{policyId} → DELETE /access-groups/{accessGroupId}/scopes/{scopeId}

    • Get Access Group scope
      GET /access-groups/{accessGroupId}/policies/{policyId} → GET /access-groups/{accessGroupId}/scopes/{scopeId}

    • Update Access Group scope
      PATCH /access-groups/{accessGroupId}/policies/{policyId} → PATCH /access-groups/{accessGroupId}/scopes/{scopeId}

    • Add object tags to Access Group scope
      POST /access-groups/{accessGroupId}/policies/{policyId}/object-tags → POST /access-groups/{accessGroupId}/scopes/{scopeId}/object-tags

    • Remove object tags from Access Group scope
      POST /access-groups/{accessGroupId}/policies/{policyId}/object-tags/delete → POST /access-groups/{accessGroupId}/scopes/{scopeId}/object-tags/delete

    • Add objects to Access Group scope
      POST /access-groups/{accessGroupId}/policies/{policyId}/objects → POST /access-groups/{accessGroupId}/scopes/{scopeId}/objects

    • Remove objects from Access Groups scope
      POST /access-groups/{accessGroupId}/policies/{policyId}/objects/delete → POST /access-groups/{accessGroupId}/scopes/{scopeId}/objects/delete

  • Renamed the "everything" flag to "scope_type"
    In order to make it more understandable, we have renamed the everything flag to scope_type. There are three possible values for scope_type i.e. SIMPLE, SCOPED and ADVANCED. The value SIMPLE corresponds to everything=true and SCOPED corresponds to everything=false. The value ADVANCED for scope_type is new enhancement to setting permissions which allows users to set permissions (e.g. READ, DELETE) for an object. There is more information about ADVANCED scope in next section.

  • Access Group Scope: Advanced scope type
    In Add objects to access group scope API, now user can define permissions level checks as well for an object. For example, earlier when object_id and and object_type are provided in request payload, all permissions that are defined in scope are applied to this object. But now user can define specific permissions.

• Masking jobs

  • CRUD APIs, COPY, Connectors CRUD

• Masking job execution

  • Connector Credentials

  • Execution API

Custom roles

• Accounts can create new instances of role encapsulating any combination of permission.

• Role name must be unique.

• Custom roles can be updated. Accounts can add or remove permissions to/from the custom roles.

• Custom roles can be deleted. (If they are not associated with any Access Group).

Release 4.0

• Environment Overview List

• Un-virtualized Source Sizing Report

• Global VDB Templates

• Scoped Access Control

• LDAP/AD and SAML/SSO Configuration UI

Release 3.0

• Cluster Node (RAC) management APIs

• Ability to disable username/password authentication globally

• LDAP/Active Directory groups

• CDBs/vCDBs APIs

• VDB Provisioning / update for EDSI (AppData) platforms

• Engine registration wizard

• Access Groups Management UI

• Compliance Engine Management

Release 2.2

Deployment

• Introducing Kubernetes and OpenShift support

APIs

• Registration of Continuous Compliance Engines

• Masking Connectors

• “Move Masking Job”

• Masking of mainframe objects

• Provisioning enhancements for Oracle multi-tenant and RAC

• LDAP/Active Directory authentication

• Password management

• Initial access management by Permissions, Roles, Policies, and Access Groups (permissions applied to all objects of a type e.g. Stop VDB permission on all VDBs)

• Distributed tracing and logging (Trace ID propagated down call stack)

• Bulk delete of tags

UI

• Continuous Data

  • Added tag support to the Infrastructure page

  • New dSources page

  • New VDBs page

• Insights

  • Added an export behavior to the Storage Summary report

  • New dSource Inventory report

  • New VDB Inventory report

• Admin

  • New Accounts page