6 minute read · August 27, 2024
What’s New in Dremio, Accelerating Cross-Database Access Control and Workload Management with User Impersonation
· Principal Product Marketing Manager
In today's data-driven world, organizations are increasingly dealing with diverse data environments, encompassing cloud, multi-cloud, on-premises, and hybrid. Efficiently managing and querying data across these varied landscapes can be challenging, particularly when it comes to access control and workload management. Dremio has introduced significant improvements in query federation capabilities, simplifying data access and ensuring robust security and performance across different environments. Key new features such as user impersonation for Teradata, Oracle, and SQL Server enhance security, personalization, and performance in query execution. We will explore these features in detail, highlighting their benefits and implications for cross-database access control and workload management.
What is user impersonation?
User impersonation in the context of federated queries is a mechanism that allows a query engine to execute queries across multiple data sources while using the identity and permissions of the end-user who initiated the query. This process ensures that each data source enforces its specific security policies and access controls based on the user's credentials, thereby maintaining consistent and secure access across different systems.
Simplifying Data Access Across Diverse Environments
Query federation is a powerful capability that allows organizations to access and query data stored in multiple databases and environments without the need to move data. That coupled with a robust semantic layer, truly enables self service analytic access across all of a company's data. Dremio has taken significant strides in enhancing query federation, making it simpler and more efficient to access data across cloud, multi-cloud, on-premises, and hybrid environments. This means that organizations can now more easily query data where it resides, reducing the need for costly ETL (Extract, Transform, Load) processes and data movement, and ultimately increasing the speed at which insights can be gained.
User Impersonation: Enhancing Security and Personalization
A standout feature in Dremio's latest release is user impersonation for Teradata, Oracle, and SQL Server. User impersonation is a critical capability that allows Dremio to pass along a user or role to the underlying databases, ensuring that queries are executed with the appropriate permissions and access controls. This feature significantly enhances security by supporting more granular user permissions, improved access control, and detailed user workload tracking.
Detailed User Workload Tracking
With detailed user workload tracking, organizations can gain deeper insights into how different users are interacting with the data, identifying potential bottlenecks and optimizing query performance. This level of granularity allows for more effective resource allocation, ensuring that critical queries are prioritized and that resources are used efficiently.
Leveraging Existing Database Native Workload Management Capabilities
Another key benefit of user impersonation is the ability to leverage existing database native workload management capabilities. By aligning queries with specific user profiles and resource groups, Dremio allows organizations to take full advantage of the workload management features built into their underlying databases. This can significantly improve the overall performance and efficiency of federated queries, as the database can optimize resource allocation and query execution based on the specific needs of each user.
In Teradata environments this feature allows for more personalized query execution, aligning queries with specific user profiles and resource groups within Teradata. That allows companies who leverage Teradata Active System Management (TASM) to take full advantage of its workload management capabilities for queries coming from Dremio.
With this capability, in Oracle, organizations can also take full advantage of Automatic Workload Management for queries coming from Dremio in their Oracle Real Application Cluster (RAC) environments. It allows companies to more granularly track those workload’s service levels, statistics and metrics in their Automatic Workload Repository. User impersonation not only improves security but also enhances performance as query workload management can be tailored to the specific needs of individual users or roles.
In Microsoft environments, SQL Server user impersonation further enhances Dremio's query federation capabilities in SQL Server environments. This feature allows SQL Server users to benefit from the same enhanced workload personalization capabilities as Teradata and Oracle users. By leveraging SQL Server's Resource Governor, and its Classifier Function companies can align queries with specific user profiles to workload groups. This can improve the overall performance and efficiency of federated queries coming from Dremio.
Reducing Costly ETL & Increasing Time to Insight
Traditional approaches to data integration involve extensive ETL processes and data movement, which can be costly and time-consuming. By enabling seamless query federation, Dremio reduces the need for these processes, allowing organizations to query data where it resides. Coupled with Dremio’s robust semantic layer and optimized relational cache, Reflections, companies can achieve high-performance analytics without data movement. This not only reduces costs and complexity but also increases the speed at which insights can be gained. Dremio allows data to be accessed directly from its source without the need for time-consuming data transfers. In today's fast-paced business environment, the ability to quickly gain insights from data is critical to staying competitive. The latest release of Dremio, featuring user impersonation, makes this process more efficient than ever before.
Conclusion
The improvements in Dremio's SQL Query Engine, in this latest release, represents a significant advancement in query federation capabilities, simplifying data access and enhancing security, personalization, and performance across diverse environments. The introduction of user impersonation for Teradata, Oracle, and SQL Server is a key feature that supports more granular user permissions, improved access control, and detailed user workload tracking. By passing along user or role information to the underlying databases, Dremio allows organizations to leverage existing database native workload management capabilities, improving the overall performance and efficiency of federated queries.