# 2024.4.15 ### Access Intelligence #### Enhancements * **EAC-33470**: For improved visual clarity, the Snowflake Data Governance and SFDC Access Security Dashboards now show individual tiles for each featured query. You can click any tile for an expanded view of the results over time, or open the results in Query Builder. * **EAC-33540**: You can now view risk changes over the last quarter by setting `90 days` as the time range on the **Risks** page. ### Access Reviews #### Enhancements * **EAC-33906**: Added "All Local Users" as an aggregate option when defining the source/destination in the Access Review Query Builder (replaces "LocalUser"). #### Bug Fixes * **EAC-33804**: Fixed an issue that could result in the sign-off of rows with no decision. * **EAC-33519**: Renamed “User / Group / Resource” to “User Name / Group Name / Resource Name” in the Access Review Certification UI to make wording more consistent. * **EAC-33936**: Row actions are now prevented during row updates. * **EAC-33935**: Entity type groupings such as `Custom Users` now correctly appear in the *Relationship* dropdown when creating queries for Access Reviews. ### Access Visibility #### New Features * **FR-1891, EAC-33852**: All entities now have a `Datasource Last Extraction Time` attribute indicating when metadata was last refreshed for the host data source. * **EAC-28076 Access Graph**: The option to show or hide indirect relationships is now generally available. Use *Advanced Options* > *Include Assumed \[Entity Type]* to filter on source entities with direct access to the chosen destination entity type, and exclude any relationships where a nested group or role grants access. #### Enhancements * **EAC-33770 Query Builder**: Attributes containing lists now support filters with `Exists` and `Not Exists` operators, to find results where these attributes contain any data, or no data. #### Bug Fixes * **EAC-33922**: Pagination is now automatically enabled to reduce graph visualization rendering memory requirements and duration when there are many related entities. A warning indicates when the current page cannot be loaded. * **EAC-33517**: Optimized performance for queries with [Summary Entities](/4yItIzMvkpAvMVFAamTf/features/search/query-builder.md#result-options), specifically when including path summaries without specific count conditions or when the condition is >= 0. ### Veza Integrations #### New Features * **EAC-33498 Palo Alto Networks**: New integration for discovering applications, users, roles, and permissions for [Palo Alto Networks Prisma SASE](/4yItIzMvkpAvMVFAamTf/integrations/integrations/panw.md). #### Enhancements * **EAC-33679 Custom Identity Mappings**: [Custom identity mappings](/4yItIzMvkpAvMVFAamTf/integrations/configuration/custom-identity-mappings.md) can now include *Identity Matchers* to correlate identities even if they do not match a mapping rule. Shown when editing existing integrations, the *Identity Matchers* section enables matching users from any two data sources (such as Azure AD and Okta), if they exist in Access Graph. Administrators can search for users by name, and add as many pairs of users as required. * **EAC-33670 Jira Data Center**: Added support for authenticating using a self-generated CA certificate, uploaded when configuring the Jira Data Center integration. * **EAC-33903 Anaplan**: Added support for directly discovering Anaplan model users. This is optional due to increased API calls required for extraction (>= 1 call per model instead of a single call per workspace). * **EAC-33713 Okta**: The Okta integration now supports incremental updates for faster extraction time and reduced traffic to Okta API endpoints. An Administrator will need to [enable audit logs](/4yItIzMvkpAvMVFAamTf/integrations/integrations/okta.md#enable-audit-logs-for-okta) to enable this feature. #### Bug Fixes * **EAC-33633 Workday**: An error message now indicates when configuring an invalid custom property. ### Veza Platform #### New Features * **EAC-33862**: Administrators can now grant the Veza support team temporary access by creating a limited [Support User](/4yItIzMvkpAvMVFAamTf/administration/administration/users/support-user-access.md) account. #### Enhancements * **EAC-33782**: Teams and roles are now listed in an additional column when exporting the Users list to CSV. * **EAC-33829**: Sections on the Sign-in Settings page are now grouped in categories to separate general, SSO, and local user authentication settings. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.veza.com/4yItIzMvkpAvMVFAamTf/release-notes/release-notes/archive/2024.4.15.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.