Release notes for the latest v2.5.x CPM release

Release notes for the latest v2.5.x CPM release

In order to upgrade to v2.5.x, please use one of the methods below:

1) AMI upgrade method . Use the upgrade instructions in chapter 1.3.5 "Upgrading the CPM Server Instance" at 
   This method must be used if you have a version older than v2.5.0


2) Patch upgrade method - use the patch file attached at the bottom of this KB (unzip it first).
    Patch can only be used if you already have v2.5.0 or newer.

- No backups, DR or S3 copies should be running or scheduled to run while installing the patch
  • Please take steps such as disabling schedules to ensure policies will not try to run until the upgrade is complete.
- Patch can be applied by using the "CPM patches" link at the bottom of the GUI:

- Note it may take a few minutes for the CPM GUI to become responsive after installation.

For both upgrade methods, please give attention to these details:
1. Due to the new functionality in v2.5, you may need to update your permission policies. Please see the JSON templates attached to this KB:

2. it is now a requirement to attach an IAM role to the CPM server instance.

3. After the latest version is installed, please manually upgrade VSS Agents by downloading the thin backup agent from the upgraded CPM server and reinstalling within the instance OS (if your VSS Agents are older than v2.4)

CPM CLI and RESTful API have been updated to v1.2:

Change log:

May 13, 2019  (CRC-32 C7597D35) - version 2.5.1a

Issues Fixed:

N2WS-6207      Customer may not be able to restore from S3 backups, if EBS backups were deleted.
N2WS-6120       Backup to S3 may fail if one of the volumes in the policy has a Marketplace (product) code
N2WS-6286      Tag scan may fail due to exceptions "TypeError", "UnboundLocalError" or "MultipleObjectsReturned"

April 23, 2019  (CRC-32 22395D99) - version 2.5.1

Issues Fixed:

N2WS-6408     Upgrading Apache to the latest version (2.4.39) to resolve security vulnerabilities (AMI only)
N2WS-6197      Security Vulnerability: Customers who enabled N2WS API access might be exposed to an unauthorized access.
N2WS-5593     Cleanup may fail with error "ACCOUNT NAME FOR DR RDS DELETE 'account_name' policy <pol_name>
N2WS-5565     RDS DR may fail with error "RDS DR copy snapshot failed (...) The snapshot requires a target option group with the following options: [Timezone]"
N2WS-5462, N2WS-5724, N2WS-5739, N2WS-5877      S3 Copy/Cleanup may fail with error "No space left on device" or "Repository is low on free space"
N2WS-5392     CPM may fail to clone a VPC with more than 2 CIDR blocks with the error"InvalidSubnet.Range"

New Features:

N2WS-6056     Improving S3 copy performance and reducing cost for large (>500GB) volumes
N2WS-5973     Improving S3 copy performance by launching separate workers per instance

February 28, 2019  (CRC-32 8958D061) - version 2.5.0 

Issues Fixed:

N2WS-5680    CPM may fail to to launch s3 worker in the us-gov-west-1 region
N2WS-5580    Stockholm region missing after patch upgrade
N2WS-5113      HTTP error 500 generating the unprotected resources report
N2WS-4771     CPM may try to run a S3 backup of an instance exceeding the 8TB limit
N2WS-4762    User column not filled in S3 repositories table after adding a new user
N2WS-4710     ERROR: task failed: std::bad_alloc Failed to upload s3 object.
N2WS-4703    Update UI to reflect no support for Transit Gateways in Capture VPC
N2WS-4419     Missing permissions for the permissions.json file
N2WS-4409    Instances with multiple NICs cannot be restored
N2WS-4092    Changed "All snapshots deleted" to "moved to S3 Storage'" when S3 copies still exist.
N2WS-4073    Script execution timeout results in agent failure
N2WS-3889    Download of CPM logs and reports may fail due to a timeout
N2WS-3782    Daily summary notification is 'All OK' but there is a scan error.
N2WS-3768    Backup where no snapshots ran may be marked "partially successful"
N2WS-3753    Removed DR account from showing in independent account resource report
N2WS-3750    Removed "By Availability Zone" placement option during restore
N2WS-3702    CPM unable to run powershell scripts
N2WS-3658    Instance Restore UI doesn't show the root volume as able to be restored
N2WS-3502    CPM may use default encryption keys during DR
N2WS-3176     DR recovery exception: get_proxy_data ValueError: invalid literal for int() with base 10: 
N2WS-3165     Alerts show partially successful backups as failed

New Features:

N2WS-4674     Enhanced S3 Copy logging
N2WS-4610     Added feature to allow AWS keys for notifications to be updated by API
N2WS-4580    Added new region - Stockholm
N2WS-4307    Added ability to perform cross-region DR with 2nd GovCloud
N2WS-4297    Added support for new AWS GovCloud (US-East)
N2WS-2475    Added "S3 Cleanup log" button to general settings

    • Related Articles

    • Release notes for the latest v2.3.x CPM release

      ================================================================================================ Release notes for v2.4.x are here: ...
    • Release notes for the latest v2.4.x CPM release

      In order to upgrade to v2.4.x from v2.3.x and earlier, please use one of the following methods: 1) AMI upgrade method, use the upgrade instructions in chapter 1.3.5 "Upgrading the CPM Server Instance" at ...
    • Release notes for the latest v2.2.x CPM release

      The latest patch can be found at (please unzip it before using) Upgrading to v2.2.x using patch is supported only from versions 2.1.3x and up. In order to upgrade from ...
    • Release notes for the latest v2.1.x CPM release

      ================================================================================================ Release notes for v2.2x are here: ...
    • Release notes for the latest v3.1.x CPM release

      In order to upgrade to version 3.1.x from 2.4.x/2.5.x/2.6.x , please see the instructions here: In addition, If you are using VSS Agents, after the latest version is installed, ...