MySQL - You can now configure the following environment settings to override the Structural default behavior when a connection opens and a session is established:
TONIC_MYSQL_NETWORK_READ_TIMEOUTTONIC_MYSQL_NETWORK_WRITE_TIMEOUTTONIC_MYSQL_WAIT_TIMEOUTTONIC_MYSQL_LOCK_WAIT_TIMEOUTTONIC_MYSQL_INNODB_LOCK_WAIT_TIMEOUT
Azure SSO - Added support for authenticating application service principals using the EntraID client-credentials flow. Service principals can access the Structural API. For configuration requirements, refer to the Azure/EntraID SSO configuration information in the Structural User Guide.
Databricks - Structural now supports writing Identity columns to tables.File connector - You can now assign the Timestamp Shift and Date Truncation generators to Parquet date fields.
PostgresSQL - Removed the option to run PostgreSQL jobs using the older flow. All jobs now run with the Data Pipeline v2.
File connector - Fixed an issue that a caused authorization failures when using Assume Role to authorize access to Amazon S3 from Structural Cloud.
Fixed an issue where after an import from a JSON file, Subsetting view did not immediately reflect the state of the workspace.
Spark - Removed support for Livy on Hive.
For custom sensitivity rules, column matching rules are now always case insensitive. Previously, the column matching rules were always case sensitive.
SQL Server - Added support for:
- Full-Text Search catalogs and indexes
- Change tracking for database and table scopes
Scheduling data generation - From the Jobs view (renamed from Job History) for a workspace, you can now configure the data generation to run automatically on a schedule. The schedule consists of one or more cron expressions, along with the time zone to use for the schedule. The Structural API includes new endpoints to manage the job schedule.
Create sensitivity rule from Database View - When you select the Database View bulk edit option for columns that have the same data type, do not have an assigned generator, and do not have a recommended generator, you now have the option to create a custom sensitivity rule. You can then immediately run a new sensitivity scan to catch matching columns.
Fixed an issue with the JSON Mask generator configuration panel where the example data did not update correctly.
Structural now displays a warning when the pre-job checks determine that the source database is on a newer major version than the destination database.
Salesforce - Rewrote the connector algorithm to avoid using sentinels, and to improve subset creation.
Updated the application to reflect the rename to Tonic Structural. Includes renaming the Tonic Settings view to Structural Settings.
From the Access Management tab of Structural Settings, users with permission to manage Structural access can now restore deleted users.
For a column that is part of a unique compound index, Structural now only suggests generators that can be used for unique columns.
Structural now detects SWIFT codes based on the format of the data in addition to the column name.
Fixed an issue where all subsetting WHERE clauses failed internally.
Databricks
- On self-hosted instances, you can now configure whether Structural creates the destination database schema for Databricks tables. The environment setting
TONIC_DATABRICKS_SKIP_CREATE_DBindicates whether to skip the schema creation. The default is false. The environment settingTONIC_DATABRICKS_ENABLE_WORKSPACE_SKIP_CREATE_DBindicates whether to include the option in the workspace configuration, and useTONIC_DATABRICKS_SKIP_CREATE_DBto determine the default. The default is true. You can add these settings to the Environment Settings list on Structural Settings. - When a cluster is resizing, and the workspace is configured with Use Databricks Job Cluster turned off, Structural data generation now waits for the resizing to complete.
File connector
- Fixed an issue where a copied local files workspace that contained Avro or Parquet files could not be loaded.
- Structural now supports authentication to Amazon S3 buckets using assumed roles for cross-account access.
- Fixed an issue where file connector workspaces did not load when they used an Amazon S3 source with environment-based authentication.
Snowflake
- Fixed a rare subsetting issue where processing a large table could cause the job to hang.
- Fixed an issue where Structural did not retry transient failures when it read unloaded files from a cloud storage provider.
Self-hosted instances can now schedule sensitivity scans to run automatically on a weekly basis. By default, the weekly scans are enabled and run each Sunday at midnight.
Structural can now detect the following additional sensitivity types:
- Money Amount
- Usernames
File connector
- Fixed a regression that made Table View unusable.
Oracle
- Fixed an issue that caused data generation to fail when subsetting with a date-based upstream table filter.
Salesforce
- Resolved issues where Salesforce workspaces became unrecoverable.
- Fixed issues with the use of session refresh tokens.
PostgreSQL
- Preserve Destination and Incremental tables no longer drop columns that reference user-defined types (UDTs) or extensions.
- Added support for the pgvector vector data type as a non-replaceable type that is always passed through to the destination database.
Snowflake on AWS
- Improved performance when copying passthrough tables when a workspace uses separate source and destination S3 buckets.
The scheduled sensitivity scans are now daily instead of weekly. By default, the scans run every day at midnight. Structural scans the 10 workspaces that have the most recent activity. Activity is defined as either a user-initiated workspace event that is added to the Protection Audit Trail, or a data generation job.
On the details view for custom sensitivity rules, fixed an issue where the Edit Current Preset button was always disabled.
When a generation to Ephemeral fails, Structural job logs now include the Ephemeral logs and destination database pod logs.
For users who do not have permission to manage sensitivity rules, the Sensitivity Rules option now displays in a disabled state.
When you configure a workspace to write to a self-hosted Ephemeral instance, or to write to Ephemeral Cloud from a self-hosted Structural instance, the workspace configuration now includes an option to test the Ephemeral connection.
