Google BigQuery Access Control and Other Features from Immuta’s Latest Release

Nassir Khan on September 28, 2022
Last edited: November 4, 2024

Immuta’s latest release is here, and we are excited to share the new features and integrations we’ve been working on:

  • Google BigQuery Native Integration – enables seamless fine-grained access controls without being in the data path
  • Snowflake External OAuth – provides secure delegated access, so customers who authenticate to Snowflake through their own IdP can use that same IdP when Immuta connects to Snowflake
  • Snowflake Table Grants – automates management of Snowflake table grant privileges
  • Enhanced Data Source Ingestion for Snowflake – accelerates metadata ingestion at scale
  • Approve to Promote – manages policies across Immuta Dev/UAT/Production environments, enabling easy separation of responsibilities
  • Audit Log Export to S3 – makes it easier to integrate log data with tools such as Splunk
  • No-Subscription Policy for Immuta’s Native Databricks Integration – decouples data policy authoring from policy ingest

Let’s explore these features in detail.

Native Integration to Enable Google BigQuery Access Control (Private Preview)

As the use of Google BigQuery continues to grow globally, enabling secure data access is key to ensuring that only the right people have access to the right data.

Immuta’s comprehensive approach to fine-grained access control goes beyond table-level controls to cover row-level, column-level, and cell-level security, bolstering the security of users’ BigQuery workloads for even the most sensitive data.

With this release, Immuta now natively integrates with Google BigQuery to provide automated data discovery, dynamic access and security controls, and always-on monitoring and reporting, without being in the data path. This strengthens BigQuery data governance by allowing users to quickly, easily, and securely access and share critical data, while benefiting from seamless interoperability in the Google Cloud ecosystem.

Support for Snowflake External OAuth

OAuth is one of the most commonly used open-standard protocols for enabling secure delegated access. Since it does not require users to share or store passwords or other login credentials, it is employed by many companies and software vendors.

Immuta now easily integrates with customers’ OAuth provider to facilitate a seamless workflow between Snowflake and Immuta. This simplifies the process of authenticating and authorizing user access, allowing data teams to enable Snowflake data access faster while also meeting corporate security requirements.

Simplified Management for Snowflake Table Grants

Immuta’s Snowflake integration now manages table grants for users per subscription policy, meaning users no longer have to manually grant users table access. Ultimately, this simplifies the management of privileges in Snowflake when using Immuta, and saves data teams time and increases their productivity by eliminating the need for manual processes.

This new approach relies on a per-user role for table grants (the complexity is hidden in a role hierarchy under a single role for each user). Only users subscribed to a data source in Immuta are able to view and query the Snowflake table; those who are not subscribed can neither view nor query it.

Enhanced Data Source Ingestion for Snowflake (Private Preview)

Most organizations are seeing exponential growth in the amount of data they store and process in Snowflake. Integrating Immuta with Snowflake provides protection for all data sources, and this release increases its capacity to do so. Immuta now makes it possible to ingest metadata for thousands of tables at scale with API-based progress reporting. This means data teams using Snowflake can increase data collection, storage, and usage at the pace of business, without having to worry about any data falling through the cracks.

Streamlined Policy Management with Approve to Promote (Public Preview)

The Approve to Promote feature allows customers to bring data sources into Immuta without affecting the existing access controls until they are ready.

Customers with separate Immuta instances per environment can now enable the Approve to Promote feature to manage policies across Dev/UAT/Production environments. This iteration, which is in public preview, improves management of only those access requests that are ready to be reviewed – not the policies on which the author is still iterating. This improves efficiency and reduces confusion by streamlining the policy approval process.

Direct Audit Log Export from Immuta to Amazon S3 (Private Preview)

More and more customers are storing audit logs in Amazon S3 so they can be analyzed in tools such as Splunk and Snowflake. Capturing and understanding how data has been accessed, used, and changed is a key requirement for data regulation compliance, so it’s a top priority for many AWS customers.

Immuta’s latest release allows Immuta SaaS customers to export audit data collected in Immuta directly to S3, making it easier to integrate with log monitoring services and data pipelines. The audit log data is structured so it can be processed by standard log data processors and tools. This eliminates the need for any manual processes and ensures that all data activity is tracked and monitored appropriately.

No-Subscription Policy for Immuta’s Native Databricks Integration (Private Preview)

With this feature, which is now in public preview, enterprise Databricks customers are able to connect data sources to Immuta without affecting any existing access controls until they are ready. This allows users to decouple data policy authoring from policy ingest, which reduces the upfront effort required to ensure policies are authored correctly from the start.

Getting Started

The rapid pace at which data is being created, collected, stored, and analyzed puts the onus on data teams to ensure their infrastructure is managed securely and efficiently. Immuta’s latest release strengthens data discovery, security, and monitoring for Google BigQuery, Snowflake, and AWS, providing more streamlined processes that allow users to get more value from their data at scale.

Ready to try it yourself?

Check out Immuta’s self-guided demo to start connecting data sources and building policies.
