v4.2.3 Release Notes


Review v4.2.3 Compatibility & Breaking Changes before installing or upgrading Morpheus

Morpheus UI Updates


Terraform Improvements

  • Terraform version 0.12 support added
  • Terraform support added for Azure Clouds
  • Automatic Resource Mapping added for all Terraform created resources
  • Additional Template validation and Terraform Plan previews added to App and Blueprint wizards
  • Added continuous state refresh for drift monitoring

Increased Flexibility with Identity Source Services

  • Identity sources can be added and configured on the Tenant detail page (Administration > Tenants > Selected Tenant) or on the User list page (Administration > Users) allowing Tenant administrators to configure their own identity source services and mapping without exposing information on other Tenants
  • Identity sources can be configured to allow manual role assignment providing administrators the flexibility to change a user’s role in Morpheus regardless of their role or group within the identity source environment

NSX-T Integration Enhancements

  • Added support for NSX-T version 3
  • Create, manage, and delete NSX-T load balancers
  • Create, manage, and delete NSX-T IP Pools

Enhanced Governance Around Instance Actions

  • User role permission set expanded to include governance around Instance actions
  • Rights to clone Instances, run scripts or Workflows, import images, and more can now be controlled through Morpheus RBAC functionality

New Features

  • Amazon: Amazon Internet Gateway support added

    Create and manage Amazon Internet Gateways
    • Discovery & synchronization of existing Amazon Internet Gateways
    • Create new Amazon Internet Gateways & attach to VPC
    • Edit Existing Amazon Internet Gateways Name, VPC Attachment
    • Delete Amazon Internet Gateways


    Infrastructure: Network Routers Role permissions required.

  • Amazon: AWS VPC Router Integration added

    Create and manage Amazon VPC Routers including syncing, creating and managing Routes
    • Discovery & synchronization of existing Amazon VPC Routers
    • Automatic creation of Amazon VPC Router when creating a new VPC from Morpheus
    • Discovery & synchronization of existing Routes
    • New Route creation
  • Amazon: AWS Costing and Utilization Report automation added

    Morpheus now syncs existing and can create new correctly-configured AWS Costing and Utilization Reports (CUR) needed to consume highly-granular invoicing data in Morpheus.
    • Costing and Utilization Report sync and creation added
    • New COSTING REPORT field added to AWS Cloud Configurations
      • Existing/synced CURs can be selected in the COSTING REPORT field
      • COSTING BUCKET, COSTING REGION, COSTING FOLDER, and COSTING REPORT NAME are no longer required when selecting an existing/synced CUR
    • New CURs can be automatically generated by selecting New Report
      • Existing S3 Buckets can now be selected in the COSTING BUCKET field
      • New S3 Bucket creation option added for COSTING BUCKET
        • COSTING BUCKET REGION updated to pre-populated Region Select List
    • Configuring CURs now required as Morpheus no longer supports AWS Cost Explorer for billing data aggregation
  • Amazon: Unattached AWS Volume sync added

    • Unattached AWS EBS Volumes are now synced to improve visibility and tracking of orphaned resources. Volume data is available via API/CLI, Reports and in /infrastructure/storage/volumes
  • Approvals: Estimated pricing details added to Approvals

    • Added estimated pricing details to Approvals list and detail pages (Operations > Approvals) as well as to the price field for the request in ServiceNow for clients routing their approvals through a ServiceNow integration.
  • Apps: Provisioning Process/Status bar, VM & Container lists, Summary tab added to App detail page

    App Details page enhancements for greater visibility of App provisioning status, App resources visibility and management
    • App Provisioning Process/Status bar added to App Detail Pages
    • App VM & Container lists added to App Detail Pages with list, stats, and actions for all nodes in an App
    • App Summary tab added to App details page with App statistics
  • Azure: Added support for Azure Run Command

    Facilitates Agent Install and other RPC commands to execute through Azure Run Command when SSH or WinRM is not available, accessible, or open.
    • “RPC MODE” setting added to cloud config with Azure Run Command and legacy SSH/WinRM options
  • Backups: Jobs: Tenant Permissions added

    • Backup Jobs can be scoped to specific Tenants (“ACTIONS” > Permissions from the Backup Jobs list page)
  • Blueprints: Improved Validation

    • Form validation improved when creating or editing Blueprints to specifically highlight the invalid field rather than give a generic validation warning
  • Clouds: ``NO PROXY`` option added to Cloud configurations

    Adds the ability to bypass configured proxy traversal for specified IP addresses or hosts
    • NO PROXY field added to Provisioning Command section of Cloud configurations
    • Accepts list of IP addresses or name servers to exclude proxy traversal for. Typically locally routable servers are excluded.
  • Clusters: Group, Service Plan, and Tenant Permission scoping added for Clusters

  • Identity Sources: Identity source integrations can now be configured from the Users page (Administration > Users)

    • Allows Tenant administrators to configure these integrations without giving access to the Tenants page (Administration > Tenants), which exposes information on other Tenants
  • Networks: Added capability to activate and deactivate network security groups when creating or editing (Infrastructure > Networks > Security Groups)

  • NSX-T: Added ability to created, manage and delete NSX-T IP Pools from Morpheus

  • NSX-T: Create, manage and delete NSX-T load balancers from the scale tab of the Instance detail page

  • NSX-T: Added support for version 3

  • OpenTelekom Cloud: A floating IP can now have variable bandwidth, option is available in the Instance and App provisioning wizards

  • Oracle VM: Images with the same name syncing from multiple Oracle VM Clouds are now grouped for easier selection when creating Node Types similar to the way they are already grouped for VMware Clouds

  • Reports: Added Software Inventory report to group together servers in a chosen cloud which are running specific software

  • Reports: Added the Software Inventory By Server report to list out all software running on each server within the chosen cloud

  • Roles: “Group” feature permission added to “Infrastructure: Clouds”

    • When selected, the user will only see Clouds in their assigned Groups when viewing the Cloud list page (Infrastructure > Clouds)
  • Roles: Added controls around Instance actions (Provisioning > Instance > Selected Instance > Actions)

    • “Provisioning: Clone Instance”, “Provisioning: Execute Script”, “Provisioning: Execute Task”, Provisioning: Execute Workflow”, “Provisioning: Import Image”
  • Roles: User Roles can be manually assigned for Users coming through an Identity Source Integration rather than being locked to automatic mapping based on their role in the Identity Provider

  • Security: General security enhancements

  • Security: Added support for encrypted strings using ENC() in Morpheus Appliance config files

  • Security: New encryption service added to generate ENC strings for use in Morpheus appliance config files: morpheus-ctl get-crypto-string migrate|string

  • Tasks: Added “Ignore SSL errors” flag for HTTP Tasks to allow REST calls to systems without trusted SSL certificates

  • Terraform: All tf app created resources are now inventoried

  • Terraform: Added support for generated keypairs in terraform

  • Terraform: Azure support added

  • Terraform: Implemented template validation in App wizard prior to review step.

  • Terraform: Morpheus now continuously refresh state looking for drift

  • Terraform: Preview section added to Blueprint and App Modals

  • Terraform: v0.12 support added

  • UI: Expansion of Advanced Lists Tables

    Advanced Lists tables added to:
    • Integrations (Administration > Integration)
    • Network Domains (Infrastructure > Network > Domains)
    • Network Groups (Infrastructure > Network > Network Groups)
    • Network IP pools (Infrastructure > Network > IP Pools)
    • Network Proxies (Infrastructure > Network > Proxies)
    • Network Routers (Infrastructure > Network > Routers)
    • Network Security Groups (Infrastructure > Network > Security Groups)
    • Networks (Infrastructure > Network)
    • User Groups (Administration > Users > User Groups)
    • Users (Administration > Users)
  • UI: Environment Tag field relabeled as Environment on GROUP tab of the Instance provisioning wizard and on SETUP tab of the App provisioning wizard

  • UI: Improved pagination for Infrastructure > Clouds list

  • Veeam: vCloud Director (vCD) support added

    Veeam Integration can now be scoped to vCloud Director clouds
    • Veeam Backup creation added for vCD Instances
    • Restore from Veeam Backup support added for vCD Instances
  • Whitelabeling: Improved handling of whitelabel images for the login screen to prevent low image quality in specific scenarios


  • Ansible Tower: Fixed scenario where an Ansible Tower job execution references a legacy record when both records contain matching external_ip address.
  • Ansible: Command options are now passed when the Ansible playbook task has a resource execution target
  • Apps: Fixed instance.instanceContext variable evaluation in Subtenants when selecting an environment shared from the Primary Tenant during provisioning
  • Apps: Fixed issue where new Instance Name policies were not applying to scaled Instance nodes from App provisions when a new instance Name Policy was set to enforce after Blueprint creation
  • AWS: RDS: Fixed SQL Server provisioning specified Database User creation
  • Azure: Fixed Security group Rule sync for Security Group rules with location paths longer than 255 chars
  • Backups: Appliance Backup: Resolved issue with Appliance database backup auth when external database password contains wildcard character(s)
  • Backups: Fixed non-user backups displaying in subtenants when effective Backups User Role Feature Access permission is set to User
  • Bluecat: Fixed issue where the Network Pool -> Network association for Bluecat Network Pools would be removed after incomplete sync jobs caused by API errors
  • Clusters: customOptions.x values set during Cluster provisioning are not properly mapped and available post-provision
  • Convert to Manage: Fixed populated Group list values when converting multiple VM’s to managed and assigning to a subtenant
  • Convert to Managed: Fixed issue when converted the status value of a stopped target is set to running after conversion
  • Currencies: Fixed ZAR currency being displayed as USD on Guidance section of the Cloud details page
  • Hyper-V: Fixed service plans not loading when adding additional hosts to a Hyper-V Cloud
  • Kubernetes: Discovery: Fixed loading Kubernetes Summary Page when discovered cluster k8s version does not match available cluster layout versions
  • NSX: Fixed removal of synced NSX-V networks when transport zone association is not set
  • Option Lists: Fixed REST POST Option List Request Scripts incorrectly parsing javascript objects that contain lists into JSON
  • Option Types: Fixed Type Ahead Option Types not requiring retrieved value from associated Option Lists
  • Oracle VM: Fixed duplicate synced Virtual Image record creation
  • Oracle VM: Virtual Images spanning multiple locations are now merged into a single Virtual Image record with location references
  • Permissions: Added additional space to account for long Group names in Group permissions sections. Note Group names containing more than 50 characters will still be truncated
  • Policies: Fixed additional scenarios where ${sequence} in Instance Name Policies would increment instance.name by +2 instead of +1
  • Provisioning: Datastore selection is now preserved during provisioning when a new layout is selected after selecting a single Datastore on the previous layout.
  • Reconfigure: Fixed issue with server plan association when selecting a new plan with identical resources during reconfigure and new plan only applying to Instance
  • Reports: Tenant Usage Report: Fixed issue with aggregate usage statistics for Tenant assigned guest virtual machines
  • Roles: Access to monitoring settings (Administration > Monitoring) is now controlled exclusively by the “Admin: Monitoring Settings” feature permission
  • Roles: Access to the Network Proxies tab (Infrastructure > Networks > Proxies) is now controlled exclusively by the “Infrastructure: Network Proxies” feature permission
  • Salt Stack: Fixed issue with Post Provision phase Task execution history being associated with Salt Provision provisioning phase
  • SCVMM/Hyper-V: Fixed Cloud creation validation issue when when disk size query response contains additional empty lines
  • Usage: Fixed Resource Pool scoped price-sets within VMware plans not being associated on price calculation
  • vCloud Director: Fixed irrelevant morpheus-ui log errors during vcd Cloud sync inventory
  • vCloud Director: Fixed issue where vApp would be removed when removing a single node from a multiple node Instance
  • vCloud Director: Fixed Network Pool sync error for Network pools with no CIDR defined
  • vCloud Director: Fixed restarting VM’s when only modifying volume size during reconfigure
  • vCloud Director: Fixed trigger of Usage records restarts during Cloud sync for VCD VM’s with no disks attached
  • vCloud Director: Fixed VDC shared networks not appearing for additional vCD clouds

Morpheus API Updates

API Enhancements

  • Azure: Added granular invoice and line item costing as we currently have for Amazon and Oracle Clouds
  • Azure: CSP pricing support
  • Billing: Service Plan Name (servicePlanName) can now be returned from the Billing API
  • Networks: Security Groups can now be activated and deactivated
  • User Sources: The userSources API now returns externalLogin and allowCustomMappings fields
  • Users: Users across all Tenants can now be returned with a single call

API Fixes

  • Billing: Fixed discoveredServers usage and price data missing when using includeTenants=true on /api/billing endpoints

Morpheus CLI Updates

CLI Enhancements

  • Updated security-groups to display the Active flag and it can be updated with --active [on|off]
  • Updated invoices list to display Tags and allow filtering with --tags Foo=Bar --tags Hello=World
  • User Sources: External Login and Allow Custom Mappings can now be displayed
  • Updated invoices command to support new option --sig and some other tweaks to the way data is displayed.

CLI Fixes

  • Fixed instances update --group not working.
  • OpenTelekom: Fixed optionType value issue preventing creation of new OTC Cloud’s via cli
  • Users: Fixed issue with morpheus user add when using -O roleId= instead of --role