N2WS-18738 - Password saved as plain text for Recovery Scenario target added via RestAPI

N2WS-18738 - Password saved as plain text for Recovery Scenario target added via RestAPI

Issue:

When creating Recovery Scenario(CPM v3.0 and up) and adding a backup target via Rest API, it will save the following details as plain text
  1. Proxy password for S3 instance recovery if used
  2. IAM AWS Secret Key when providing alternate Credential


Interim resolution until solution applied
  1. Delete the effected recovery target from the recovery scenario
  2. or remove the proxy details and configure matching S3 worker configuration

Solution:
Upgrade to v4.0


Click here to go back to the Release notes: Release notes for the latest v3.2.x CPM release

    • Related Articles

    • RestAPI example files

      Background: CPM contain rich RESTful API interface that enable you to do everything you do manually in the UI in an automated way, but it can be difficult to start using the RESTful API. We created this examples to assist customers in understanding ...
    • How to reset the password for the root/admin CPM user

      If you know the username of the root/admin user: Follow the upgrade procedure in our User Guide at: https://docs.n2ws.com/user-guide/#1-4-upgrading-n-2-ws Please make sure you do this when there are no backups/DR in progress. When configuring the new ...
    • EBS/RDS DR & Recovery with KMS key

      When copying cross account an EBS/RDS Volume encrypted with custom KMS,  a KMS key should also be available in the other account. There are 2 ways that CPM uses for checking KMS key - Alias & Tag   KMS Tag When using custom tag,  you are telling CPM ...
    • Troubleshooting File Level Recovery (FLR) 3.2

      Background: File-level recovery requires N2WS to launch temporary worker instance in the target region. The worker will read the snapshot directly or recover volumes in the background and attach them to a ‘worker’ instance launched for the operation. ...
    • Recovery of an encrypted volume may fail: "Not authorized to use key"

      Performing a cross account recovery of an encrypted volume, or of an instance containing an encrypted volume may not work if the target account cannot access the encryption key from the source account. Error may appear in the CPM Server log as below: ...