Release Notes

ESS 2.7.0 (Released 2026-01-13)

Data Views API

A new Data Views API has been introduced to enable fine-grained access control over JSON resources through GraphQL-based filtering. Data subjects can now create filtered "view resources" that expose only specific fields from their source data, allowing selective sharing without exposing sensitive information.

The Data Views API enables:

Reusable View Definitions: Create GraphQL-based filters that define what data to expose
Automatic Synchronization: View resources automatically update when source data changes
Flexible Filtering: Support for field selection, nested objects, numeric comparisons, date ranges, and array membership
Two Binding Types: Filter individual resources (VIEW_RESOURCE) or entire containers (VIEW_CONTAINER)
Privacy Protection: Source resources are protected from deletion while view bindings exist

For more information, see Data Views API.

Prune Improvements

Enhanced pruning capabilities with improved performance and scalability through batch iteration processing. The pruning process now operates in multiple configurable iterations with smaller batch sizes, reducing peak system load and memory consumption.

Key improvements include:

Batch Iteration Processing: Prune jobs now process resources in smaller batches across multiple iterations, reducing resource consumption per cycle
Configurable Iteration Control: New MAX_ITERATIONS parameter (default: 100, Kubernetes deployment: 1000) controls total processing time per job run
Data Views Support: Soft-deleted View Definitions and View Bindings are now included in the pruning process
Fine-tuned Performance: New ITERATION_DELAY_MS parameter allows configurable delays between iterations to further reduce system load

For more information, see Pruning Configuration.

Access Grant Metrics

New Access Grant Metrics feature for monitoring Access Request and Access Grant lifecycle. Prometheus metrics are now exposed for tracking requests by status (pending, granted, denied, canceled, expired) and grants by status (active, expired, revoked).

For more information, see Access Grant Metrics.

Security Enhancements

Database SSL/TLS Support: New kustomizer component for providing database CA bundles to services, enabling SSL/TLS enforcement on database connections. See Database SSL/TLS Configuration.
Kafka SSL Support: New kustomizer component for configuring Kafka clients to enforce SSL on broker connections. See Kafka SSL Configuration.

Changelogs

For changelogs, see 2.7 Changelogs.

PreviousAppendix: OpenTelemetry Next2.7 Changelogs

Last updated 11 days ago

hashtagESS 2.7.0 (Released 2026-01-13)

hashtagData Views API

hashtagPrune Improvements

hashtagAccess Grant Metrics

hashtagSecurity Enhancements

hashtagChangelogs