Release notes for the latest v2.4.x CPM release

Release notes for the latest v2.4.x CPM release

In order to upgrade to v2.4.x from v2.3.x and earlier, please use one of the following methods:

1) AMI upgrade method, use the upgrade instructions in chapter 1.3.5 "Upgrading the CPM Server Instance" at 


2) Use the patch linked below
NOTICE, the patch can only be used to upgrade from v2.3.0c, v2.3.0d or 2.3.0e to v2.4.x
  • if running an older version of CPM, please use upgrade method 1) above.
  • If this patch is used to upgrade from an earlier version by accident, the CPM instance will stop functioning (error 500) and will need to be rebuilt using the upgrade instructions in method 1) above.

Using this patch requires internet connectivity from the CPM Server.
  • If there is no internet connectivity, patch upgrade may appear to be successful, but CPM Server may respond slowly and malfunction.
  • Without internet connectivity OS and applications will not be updated, leaving the system open to vulnerabilities.
  • If you have patched without internet connectivity by accident, please rerun the upgrade using the AMI upgrade method in 1) shown above.

Please wait 10 minutes after installing then you MUST reboot the CPM Instance from AWS. Failure to do so will prevent the changes on OS level from being being implemented and functionality may be compromised.

After installing this patch, it may take a few minutes for the CPM GUI to become responsive again in the browser.

The patch can be applied by using the "CPM patches" link at the bottom of the GUI:

For both upgrade methods, please give attention to these details:
1. Due to the new functionality introduced in v2.4, you may need to update your permission policies. Please see the JSON templates attached to this KB:

2. Starting with v2.4, it is now a requirement to attach an IAM role to the CPM server instance.

3. After the latest version is installed, please manually upgrade VSS Agents by downloading the thin backup agent from the upgraded CPM server and reinstalling within the instance OS.

Additional patches for v2.4.0:

Change log:

November 19, 2018 (CRC 7B4BFE01) - version 2.4.0 (Patch should only be applied to v2.3.0c and later - see note above about "error 500")

N2WS-946 - Tag scanning may be aborted when encountering the "New policy xyz has more than one template" error
N2WS-1677 - CPM was allowing to configure DR for Redshift and DynamoDB
N2WS-1864 - A wrong CPM alert is raised if a tag based instance is terminated
N2WS-2123 - DR may fail with "DR encountered an internal problem and failed" instead of printing the actual permissions issue
N2WS-2169 - CPM allowed adding a regular volume to the "cpmdata" policy using tags
N2WS-2256 - Disabled regions may still appear in the GUI
N2WS-2538 - Performing failover after entering recovery mode on CPM may fail with "Failed to update license"
N2WS-2746 - CPM server may restart itself with "Terminating the agent process because of backup keep-alive failure" when running scripts
N2WS-3373 - CPM may fail to copy RDS tags in Chinese regions with the error "Invalid resource name"
N2WS-3578 - Backups with failed snapshots may be marked as "successful"
N2WS-3659 - Wrong account may be listed in the Snapshot View Report for snapshots that were replicated cross-account
N2WS-3701 - Permission check may fail with the error "User not found", if CPM was deployed using CloudFormation
N2WS-3821 - DR may fail  due to the wrong format of custom key
N2WS-3904 - Instances in the DR region may not be shown as targets for volume restore
N2WS-4031 - Fixed the description of the AWS CloudFormation template
N2WS-4072 - CPM may restore a volume using default encryption, if snapshot is encrypted with a shared key
N2WS-2235- CPM generates an alert if Scan tags fails and doesn't retry it

new features:
N2WS-339 - Added support for restoring more than one NIC
N2WS-1497 - Recovery monitor deletion were added to the audit log
N2WS-1647 - Added ability to download the Audit Report in CLI
N2WS-1660 - Added ability to define the VSS/scripts timeout on a policy level
N2WS-1802 - Added support for VPC capture and clone
N2WS-2233 - Added an option to delete all alerts
N2WS-2413 - Added a new search function to find an instance in backups
N2WS-3093 - Added support for Cross account DR of RDS instances with custom shared key
N2WS-3339 - Added support for T3 instances to be used for CPM Server (Currently for Free and BYOL editions only)
N2WS-4130 - Added backup support for new instance type - R5a & M5a
N2WS-4244 - Improving cross-account DR to make all snapshots "incremental forever"
N2WS-4245 - Added support for backup EBS snapshot data to AWS S3 buckets (Advanced Edition and up, for both subscription and direct license customers)
N2WS-4250 - Extended CPM RESTful API capabilities (API version 1.1.0)

    • Related Articles

    • Release notes for the latest v2.3.x CPM release

      ================================================================================================ Release notes for v2.4.x are here: ...
    • Release notes for the latest v2.5.x CPM release

      In order to upgrade to v2.5.x, please use one of the methods below: 1) AMI upgrade method . Use the upgrade instructions in chapter 1.3.5 "Upgrading the CPM Server Instance" at This method ...
    • Release notes for the latest v2.2.x CPM release

      The latest patch can be found at (please unzip it before using) Upgrading to v2.2.x using patch is supported only from versions 2.1.3x and up. In order to upgrade from ...
    • Release notes for the latest v2.1.x CPM release

      ================================================================================================ Release notes for v2.2x are here: ...
    • Release notes for the latest v3.1.x CPM release

      In order to upgrade to version 3.1.x from 2.4.x/2.5.x/2.6.x , please see the instructions here: In addition, If you are using VSS Agents, after the latest version is installed, ...