Recent changes in BlueXP
Learn about the most recent changes to the cloud services that are part of the BlueXP platform. For a complete release history, go to the full set of release notes for each individual service.
Administrative features
This section describes new features related to BlueXP administration features: Accounts, Connectors, cloud provider credentials, and more.
11 August 2025
Connector 3.9.55
This release of the BlueXP Connector includes security improvements, and bug fixes.
The 3.9.55 release is available for standard mode and restricted mode.
Japanese language support
The BlueXP UI is now available in the Japanese language. If your browser language is Japanese, BlueXP displays in Japanese. To access documentation in Japanese, use the language menu on the documentation website.
Operational resiliency feature
The Operational resiliency feature has been removed from BlueXP. Contact NetApp support if you encounter issues.
BlueXP Identity and Access Management (IAM)
Identity and Access Management in BlueXP now provides the following feature.
New access role for operational support
BlueXP now supports an Operational support analyst role. This role grants a user permissions to monitor storage alerts, view the BlueXP audit timeline, and enter and track NetApp Support cases.
31 July 2025
Private mode release (3.9.54)
A new private mode release is now available to download from the NetApp Support Site
The 3.9.54 release includes updates to the following BlueXP components and services.
Component or service | Version included in this release | Changes since the previous private mode release |
---|---|---|
Connector |
3.9.54, 3.9.53 |
Go to the what's new in BlueXP page and refer to the changes included for versions 3.9.54 and 3.9.53. |
Backup and recovery |
28 July 2025 |
Go to the what's new in BlueXP backup and recovery page and refer to the changes included in the July 2025 release. |
Classification |
14 July 2025 (version 1.45) |
Go to the what's new in BlueXP classification page. |
For more details about private mode, including how to upgrade, refer to the following:
21 July 2025
Support for Google Cloud NetApp Volumes
You can now view Google Cloud NetApp Volumes in BlueXP. Learn more about Google Cloud NetApp Volumes.
BlueXP Identity and Access Management (IAM)
New access role for Google Cloud NetApp Volumes
BlueXP now supports using an access role for the following storage system:
-
Google Cloud NetApp Volumes
14 July 2025
Connector 3.9.54
This release of the BlueXP Connector includes security improvements, bug fixes, and the following new features:
-
Support for transparent proxies for Connectors dedicated to supporting Cloud Volumes ONTAP services. Learn more about configuring a transparent proxy.
-
Ability to use network tags to help route Connector traffic when the Connector is deployed in a Google Cloud environment.
-
Additional in-product notifications for Connector health monitoring, including CPU and RAM usage.
At this time, the 3.9.54 release is available for standard mode and restricted mode.
BlueXP Identity and Access Management (IAM)
Identity and Access Management in BlueXP now provides the following features:
-
Support for IAM in private mode, allowing you to manage user access and permissions for BlueXP services and applications.
-
Streamlined management of identity federations, including easier navigation, clearer options for configuring federated connections, and improved visibility into existing federations.
-
Access roles for BlueXP backup and recovery, BlueXP disaster recovery, and federation management.
Support for IAM in private mode
BlueXP now supports IAM in private mode, allowing you to manage user access and permissions for BlueXP services and applications. This enhancement enables private mode customers to leverage role-based access control (RBAC) for better security and compliance.
Streamlined management of identity federations
BlueXP now offers a more intuitive interface for managing identity federation when using standard mode. This includes easier navigation, clearer options for configuring federated connections, and improved visibility into existing federations.
Enabling single sign-on (SSO) through identity federation lets users log in to BlueXP with their corporate credentials. This improves security, reduces password use, and simplifies onboarding.
You'll be prompted to import any existing federated connections to the new interface to gain access to the new management features. This allows you to take advantage of the latest enhancements without having to recreate your federated connections. Learn more about importing your existing federated connection to BlueXP.
Improved federation management allows you to:
-
Add more than one verified domain to a federated connection, allowing you to use multiple domains with the same identity provider (IdP).
-
Disable or delete federated connections when needed, giving you control over user access and security.
-
Control access to federation management with IAM roles.
New access roles for BlueXP backup and recovery, BlueXP disaster recovery, and federation management
BlueXP now supports using IAM roles for the following features and data services:
-
BlueXP backup and recovery
-
BlueXP disaster recovery
-
Federation
Alerts
7 October 2024
BlueXP alerts list page
You can quickly identify ONTAP clusters that have low capacity or low performance, gauge the extent of availability, and identify security risks. You can view alerts related to capacity, performance, protection, availability, security, and configuration.
Alerts details
You can drill into alert details and find recommendations.
View cluster details linked to ONTAP System Manager
With BlueXP alerts, you can view alerts associated with your ONTAP storage environment and drill into the details that are linked to ONTAP System Manager.
Amazon FSx for ONTAP
03 August 2025
Enhancements to Replication relationships tab
We've added several new columns to the replication relationships table to give you more information about your replication relationships in the Replication relationships tab. The table now includes the following columns:
-
SnapMirror policy
-
Source file system
-
Target file system
-
State of the relationship
-
Last transfer time
14 July 2025
Support for replicating data between two FSx for ONTAP file systems
Data replication is now available between two FSx for ONTAP file systems from the canvas in the BlueXP console.
29 June 2025
Credentials update
After you set up credentials and permissions for your FSx for ONTAP file system, you'll be redirected to the BlueXP Credentials page. From this page, you can rename or remove your FSx for ONTAP credentials.
Amazon S3 storage
5 March 2023
Ability to add new buckets from BlueXP
You have had the ability to view Amazon S3 buckets on the BlueXP Canvas for quite a while. Now you can add new buckets and change properties for existing buckets directly from BlueXP. See how to add new Amazon S3 buckets.
Azure Blob storage
5 June 2023
Ability to add new storage accounts from BlueXP
You have had the ability to view Azure Blob Storage on the BlueXP Canvas for quite a while. Now you can add new storage accounts and change properties for existing storage accounts directly from BlueXP. See how to add new Azure Blob storage accounts.
Azure NetApp Files
13 January 2025
Network features now supported in BlueXP
When configuring a volume in Azure NetApp Files from BlueXP, you can now indicate network features. This aligns with functionality available in native Azure NetApp Files.
12 June 2024
New permission required
The following permission is now required to manage Azure NetApp Files volumes from BlueXP:
Microsoft.Network/virtualNetworks/subnets/read
This permission is required to read a virtual network subnet.
If you're currently managing Azure NetApp Files from BlueXP, you need to add this permission to the custom role that's associated with the Microsoft Entra application that you previously created.
22 April 2024
Volume templates no longer supported
You can no longer create a volume from a template. This action was associated with the BlueXP remediation service, which is no longer available.
Backup and recovery
25 August 2025
This BlueXP backup and recovery release includes the following updates.
Support for protecting VMware workloads in Preview
This release adds preview support for protecting VMware workloads. Back up VMware VMs and datastores from on-premises ONTAP systems to Amazon Web Services and StorageGRID.
|
Documentation about protecting VMware workloads is provided as a technology preview. With this preview offering, NetApp reserves the right to modify offering details, contents, and timeline before General Availability. |
High performance indexing for AWS, Azure, and GCP is generally available
In February 2025, we announced the preview of high performance indexing (Indexed Catalog v2) for AWS, Azure, and GCP. This feature is now generally available (GA). In June 2025, we provided it to all new customers by default. With this release, the support is available to all customers. High performance indexing improves the performance of backup and restore operations for workloads that are protected to object storage.
Enabled by default:
-
If you are a new customer, high performance indexing is enabled by default.
-
If you are an existing customer, you can enable reindexing by going to the Restore section of the UI.
12 August 2025
This BlueXP backup and recovery release includes the following updates.
Microsoft SQL Server workload supported in General Availability (GA)
Microsoft SQL Server workload support is now generally available (GA) in BlueXP backup and recovery. Organizations using an MSSQL environment on ONTAP, Cloud Volumes ONTAP, and Amazon FSx for NetApp ONTAP storage can now take advantage of this new backup and recovery service to protect their data.
This release includes the following enhancements to the Microsoft SQL Server workload support from the previous preview version:
-
SnapMirror active sync: This version now supports SnapMirror active sync (also referred to as SnapMirror Business Continuity [SM-BC]), which enables business services to continue operating even through a complete site failure, supporting applications to fail over transparently using a secondary copy. BlueXP backup and recovery now supports protection of Microsoft SQL Server databases in a SnapMirror active sync and Metrocluster configuration. The information appears in the Storage and relationship status section of the Protection details page. The relationship information is displayed in the updated Secondary settings section of the Policy page.
Refer to Use policies to protect your workloads.
-
Multi-bucket support: You can now protect the volumes within a working environment with up to 6 buckets per working environment across different cloud providers.
-
Licensing and free trial updates for SQL Server workloads: You can now use the existing BlueXP backup a recovery licensing model to protect SQL Server workloads. There is no separate licensing requirement for SQL Server workloads.
For details, refer to Set up licensing for BlueXP backup and recovery.
-
Custom snapshot name: You can now use your own snapshot name in a policy that governs the backups for Microsoft SQL Server workloads. Enter this information in the Advanced settings section of the Policy page.
Refer to Use policies to protect your workloads.
-
Secondary volume prefix and suffix: You can enter a custom prefix and suffix in the Advanced settings section of the Policy page.
-
Identity and access management (IAM): You can now control users' access to features.
-
Restore from object storage to an alternate host: You can now restore from object storage to an alternate host even if the primary storage is down.
-
Log backup data: The database protection details page now shows log backups. You can see the Backup type column that shows whether the backup is a full backup or a log backup.
-
Enhanced Dashboard: The Dashboard now shows Storage and Clone savings.
ONTAP volume workload enhancements
-
Multi-folder restore for ONTAP volumes: Until now, you could restore either one folder or multiple files at a time from the Browse and restore feature. BlueXP backup and recovery now provides the ability to select multiple folders at a time using the Browse and restore feature.
-
View and manage backups of deleted volumes: The BlueXP backup and recovery Dashboard now gives an option to show and manage volumes that are deleted from ONTAP. With this, you can view and delete backups from volumes that no longer exist in ONTAP.
-
Force delete backups: In some extreme cases, you might want BlueXP backup and recovery not to have access to backups any longer. This might happen for example, if the service no longer has access to the backup bucket or backups are DataLock protected but you don't want them anymore. Previously, you could not delete these yourself and needed to call NetApp Support. With this release, you can use the option to force delete backups (at volume and work environment levels).
|
Use this option carefully and only in extreme cleanup needs. BlueXP backup and recovery will not have access to these backups any longer even if they are not deleted in the object storage. You will need to go to your cloud provider and manually delete the backups. |
Refer to Protect ONTAP workloads.
28 July 2025
This BlueXP backup and recovery release includes the following updates.
Kubernetes workload support as a Preview
This release of of BlueXP backup and recovery introduces support for discovering and managing Kubernetes workloads:
-
Discover Red Hat OpenShift and open-source Kubernetes clusters, backed by NetApp ONTAP, without sharing kubeconfig files.
-
Discover, manage, and protect applications across multiple Kubernetes clusters using a unified control plane.
-
Offload data movement operations for backup and recovery of Kubernetes applications to NetApp ONTAP.
-
Orchestrate local and object-storage-based application backups.
-
Back up and restore entire applications and individual resources to any Kubernetes clusters.
-
Work with containers and virtual machines running on Kubernetes.
-
Create application-consistent backups using execution hooks and templates.
For details about protecting Kubernetes workloads, refer to Protect Kubernetes workloads overview.
14 July 2025
This BlueXP backup and recovery release includes the following updates.
Enhanced ONTAP volume Dashboard
In April 2025, we launched a preview of an enhanced ONTAP volume Dashboard that is much faster and more efficient.
This dashboard was designed to help enterprise customers with a high number of workloads. Even for customers with 20,000 volumes, the new dashboard loads in <10 seconds.
After a successful preview and great feedback from preview customers, we are now making it the default experience for all our customers. Be ready for a blazingly fast dashboard.
For details, see View protection health in the Dashboard.
Microsoft SQL Server workload support as a Public Technology Preview
This release of BlueXP backup and recovery provides an updated user interface that enables you to manage Microsoft SQL Server workloads using a 3-2-1 protection strategy, familiar in the BlueXP backup and recovery service. With this new version, you can back up these workloads to primary storage, replicate them to secondary storage, and back them up to cloud object storage.
You can sign up for the preview by completing this Preview Signup Form.
|
This documentation about protecting Microsoft SQL Server workloads is provided as a technology preview. With this preview offering, NetApp reserves the right to modify offering details, contents, and timeline before general availability. |
This version of BlueXP backup and recovery includes the following updates:
-
3-2-1 backup capability: This version integrates SnapCenter capabilities, enabling you to manage and protect your SnapCenter resources with a 3-2-1 data protection strategy from the BlueXP backup and recovery user interface.
-
Import from SnapCenter: You can import SnapCenter backup data and policies into BlueXP backup and recovery.
-
A redesigned user interface provides a more intuitive experience for managing your backup and recovery tasks.
-
Backup targets: You can add buckets in Amazon Web Services (AWS), Microsoft Azure Blob Storage, StorageGRID, and ONTAP S3 environments to use as backup targets for your Microsoft SQL Server workloads.
-
Workload support: This version enables you to back up, restore, verify, and clone Microsoft SQL Server databases and availability groups. (Support for other workloads will be added in future releases.)
-
Flexible restore options: This version enables you to restore databases to both original and alternate locations in case of corruption or accidental data loss.
-
Instant production copies: Generate space-efficient production copies for development, testing, or analytics in minutes instead of hours or days.
-
This version includes the ability to create detailed reports.
For details about protecting Microsoft SQL Server workloads, see Protect Microsoft SQL Server workloads overview.
09 June 2025
This BlueXP backup and recovery release includes the following updates.
Indexed catalog support updates
In February 2025, we introduced the updated indexing feature (Indexed Catalog v2) that you use during the Search & Restore method of restoring data. The previous release significantly improved data indexing performance in on-premises environments. With this release, the indexing catalog is now available with Amazon Web Services, Microsoft Azure, and Google Cloud Platform (GCP) environments.
If you are a new customer, the Indexed Catalog v2 is enabled by default for all new environments. If you are an existing customer, you can re-index your environment to leverage the Indexed Catalog v2.
Before you can use the Search & Restore method of restoring data, you need to enable "Indexing" on each source working environment from which you're planning to restore volumes or files. Select the Enable Indexing option when you are performing a Search & Restore.
The Indexed Catalog can then track every volume and backup file, making your searches quick and efficient.
For more information, refer to Enable indexing for Search & Restore.
Azure private link endpoints and service endpoints
Typically, BlueXP backup and recovery establishes a private endpoint with the cloud provider to handle protection tasks. This release introduces an optional setting that lets you enable or disable BlueXP backup and recovery from automatically creating a private endpoint. This might be useful to you if you want more control over the private endpoint creation process.
You can enable or disable this option when you enable protection or start the restore process.
If you disable this setting, you must manually create the private endpoint for BlueXP backup and recovery to function properly. Without proper connectivity, you might not be able to perform backup and recovery tasks successfully.
Support for SnapMirror to Cloud Resync on ONTAP S3
The previous release introduced support for SnapMirror to Cloud Resync (SM-C Resync). The feature streamlines data protection during volume migration in NetApp environments. This release add support for SM-C Resync on ONTAP S3 as well as other S3-compatible providers such as Wasabi and MinIO.
Bring your own bucket for StorageGRID
When you create backup files in object storage for a working environment, by default, BlueXP backup and recovery creates the container (bucket or storage account) for the backup files in the object storage account that you configured. Previously, you could override this and specify your own container for Amazon S3, Azure Blob Storage, and Google Cloud Storage. With this release, you can now bring your own StorageGRID object storage container.
Classification
11 August 2025
Version 1.46
This BlueXP classification release includes bug fixes and the following updates:
The BlueXP timeline now supports enhanced insights into scan events for BlueXP classification. The timeline now displays when the scan of a working environment begins, statuses of working environments, and any issues. Statuses for shares and working environments are only available for mapping scans.
For more information about the BlueXP timeline, see Monitor BlueXP operations.
This release adds support for Red Hat Enterprise Linux v9.6 for manual on-premises installation of BlueXP classification, including dark site deployments.
The following operating systems require using the Podman container engine, and they require BlueXP classification version 1.30 or greater: Red Hat Enterprise Linux version 8.8, 8.10, 9.0, 9.1, 9.2, 9.3, 9.4, and 9.5.
14 July 2025
Version 1.45
This BlueXP classification release includes code changes that optimize resource utilization and:
The workflow to add files shares to a file share group has been simplified. The process also now differentiates CIFS protocol support based on authentication type (Kerberos or NTLM).
For more information, see Scan file shares.
You can now view more information about file owners for files captured in the Investigation tab. When viewing metadata for a file in the Investigation tab, locate the file owner then select View details to see the username, email, and SAM account name. You can also view other items owned by this user. This feature is only available for working environments with Active Directory.
For more information, see Investigate the data stored in your organization.
10 June 2025
Version 1.44
This BlueXP classification release includes:
Update times for individual components of the Governance dashboard have been improved. The following table displays the frequency of updates for each component.
Component | Update times |
---|---|
Age of Data |
24 hours |
Categories |
24 hours |
Data Overview |
5 minutes |
Duplicate Files |
2 hours |
File Types |
24 hours |
Non-Business Data |
2 hours |
Open Permissions |
24 hours |
Saved Searches |
2 hours |
Sensitive Data and Wide Permissions |
24 hours |
Size of Data |
24 hours |
Stale Data |
2 hours |
Top Data Repositories by Sensitivity Level |
2 hours |
You can view the time of the last update and manually update the Duplicate Files, Non-Business Data, Saved Searches, Stale Data, and Top Data Repositories by Sensitivity Level components. For more information about the Governance dashboard, see View governance details about the data stored in your organization.
Enhancements have been made to improve BlueXP classification's performance, memory consumption, and security.
Redis has been upgraded to improve the reliability of BlueXP classification. BlueXP classification now uses Elasticsearch to improve the accuracy of file count reporting during scans.
12 May 2025
Version 1.43
This BlueXP classification release includes:
BlueXP classification supports the ability to prioritize Map & Classify scans in addition to Mapping-only scans, enabling you to select which scans are completed first. Prioritization of Map & Classify scans is supported during and before the scans begin. If you choose to prioritize a scan while it's in progress, both the mapping and classification scans are prioritized.
For more information, see Prioritize scans.
BlueXP classification scans identify Canadian PII data categories. These categories include banking information, passport numbers, social insurance numbers, driver's license numbers and health card numbers for all Canadian provinces and territories.
For more information, see Personal data categories.
BlueXP classification supports custom classifications for Map & Classify scans. With custom classifications, you can tailor BlueXP scans to capture data specific to your organization using regular expressions. This feature is currently in preview.
For more information, see Add custom classifications.
The Policies tab has been renamed Saved searches. The functionality is unchanged.
BlueXP classification supports sending classification events (when a scan is initiated and when it ends) to the BlueXP timeline.
-
The Keras package has been updated, mitigating vulnerabilities (BDSA-2025-0107 and BDSA-2025-1984).
-
The Docker containers configuration has been updated. The container no longer has access to the host's network interfaces for crafting raw network packets. By reducing unnecessary access, the update mitigates potential security risks.
Code enhancements have been implemented to reduce RAM usage and improve the overall performance of BlueXP classification.
Bugs that caused StorageGRID scans to fail, the investigation page filter options to not load, and the Data Discovery Assessment to not download for high volume assessments have been fixed.
14 April 2025
Version 1.42
This BlueXP classification release includes:
BlueXP classification supports bulk operations for working environments. You can choose to enable Mapping scans, enable Map & Classify scans, disable scans, or create a custom configuration across volumes in working enviroment. If you make a selection for an individual volume, it overrides the bulk selection. To perform a bulk operation, navigate to the Configuration page and make your selection.
BlueXP classification supports the ability to download data investigation reports locally to view in the browser. If you choose the local option, the data investigation is only available in the CSV format and only displays the first 10,000 rows of data.
For more information, see Investigate the data stored in your organization with BlueXP classification.
10 March 2025
Version 1.41
This BlueXP classification release includes general improvements and bug fixes. It also includes:
BlueXP classification tracks the real time progress of the initial mapping and classification scans on a volume. Separate progressive bars track the mapping and classification scans, presenting a percentage of total files scanned. You can also hover over a progress bar to view the number of files scanned and the total files. Tracking the status of your scans creates deeper insights into the scan progress, enabling you to better plan your scans and understand resource allocation.
To view the status of your scans, navigate to Configuration in BlueXP classification then select the Working Environment configuration. Progress is displayed in line for each volume.
19 February 2025
Version 1.40
This BlueXP classification release includes the following updates.
This release provides support for Red Hat Enterprise Linux v9.5 in addition to previously supported versions. This is applicable to any manual on-premises installation of BlueXP classification, including dark site deployments.
The following operating systems require using the Podman container engine, and they require BlueXP classification version 1.30 or greater: Red Hat Enterprise Linux version 8.8, 8.10, 9.0, 9.1, 9.2, 9.3, 9.4, and 9.5.
When conducting Mapping-only scans, you can prioritize the most important scans. This feature helps when you have many working environments and want to ensure high priority scans are completed first.
By default, scans are queued based on the order in which they are initiated. With the ability to prioritize scans, you can move scans to the front of the queue. Multiple scans can be prioritized. Priority is designated in a first-in, first-out order, meaning the first scan you prioritize moves to the front of the queue; the second scan you prioritize becomes second in the queue, and so forth.
Priority is granted on a one-time basis. Automatic rescans of mapping data occur in the default order.
Prioritization is limited to mapping-only scans; it's not available for map and classify scans.
For more information, see Prioritize scans.
BlueXP classification supports the ability to batch retry all failed scans.
You can reattempt scans in a batch operation with the Retry all function. If classification scans are failing due to a temporary issue such as a network outage, you can retry all scans at the same time with one button instead of retrying them individually. Scans can be retried as many times as needed.
To retry all scans:
-
From the BlueXP classification menu, select Configuration.
-
To retry all failed scans, select Retry all scans.
The accuracy of the machine learning model for predefined categories has improved by 11%.
22 January 2025
Version 1.39
This BlueXP classification release updates the export process for the Data Investigation report. This export update is useful for performing additional analyses on your data, creating additional visualizations on the data, or sharing the results of your data investigation with others.
Previously, the Data Investigation report export was limited to 10,000 rows. With this release, the limit has been removed so that you can export all of your data. This change enables you to export more data from your Data Investigation reports, providing you with more flexibility in your data analysis.
You can choose the working environment, volumes, destination folder, and either JSON or CSV format. The exported filename includes a timestamp to help you identify when the data was exported.
The supported working environments include:
-
Cloud Volumes ONTAP
-
FSx for ONTAP
-
ONTAP
-
Share group
Exporting data from the Data Investigation report has the following limitations:
-
The maximum number of records to download is 500 million. per type (files, directories, and tables)
-
One million records are expected to take about 35 minutes to export.
For details about data investigation and the report, see Investigate data stored in your organization.
16 December 2024
Version 1.38
This BlueXP classification release includes general improvements and bug fixes.
Cloud Volumes ONTAP
4 September 2025
Cloud Volumes ONTAP 9.17.1 RC
You can now use BlueXP to deploy and manage the Release Candidate 1 of Cloud Volumes ONTAP 9.17.1 in Azure and Google Cloud. However, this version is not available for deployment and upgrade in AWS.
11 August 2025
End of availability of Optimized licenses
Beginning on August 11, 2025, the Cloud Volumes ONTAP Optimized license will be deprecated and will no longer be available for purchase or renewal in the Azure and Google Cloud marketplaces for pay-as-you-go (PAYGO) subscriptions. If you have an existing annual contract with an Optimized license, you can continue to use the license until the end of your contract. When your Optimized license expires, you can opt for Cloud Volumes ONTAP Essentials or Professional licenses in BlueXP.
However, the ability to add or renew Optimized licenses will be available through the APIs.
For information about licensing packages, refer to Licensing for Cloud Volumes ONTAP.
For information about switching to a different charging method, refer to Manage capacity-based licensing.
14 July 2025
Support for transparent proxy
BlueXP now supports transparent proxy servers in addition to the existing explicit proxy connections. When creating or modifying the BlueXP Connector, you can configure a transparent proxy server to securely manage network traffic to and from Cloud Volumes ONTAP.
For more information about the use of proxy servers in Cloud Volumes ONTAP, refer to:
New VM type supported for Cloud Volumes ONTAP in Azure
Beginning with Cloud Volumes ONTAP 9.13.1, L8s_v3 is supported as a VM type in Azure single and multiple availability zones, for both new and existing high-availability (HA) pair deployments.
For more information, refer to
Supported configurations in Azure.
Copy and sync
2 February 2025
New OS support for data broker
The data broker is now supported on hosts running Red Hat Enterprise 9.4, Ubuntu 23.04, and Ubuntu 24.04.
27 October 2024
Bug fixes
We updated the BlueXP copy and sync service and the data broker to fix a few bugs. The new data broker version is 1.0.56.
16 September 2024
Bug fixes
We updated the BlueXP copy and sync service and the data broker to fix a few bugs. The new data broker version is 1.0.55.
Digital advisor
06 August 2025
Support entitled switches
You can now view information about Brocade Fibre Channel SAN switches that are entitled for support. This includes details about the switch model, serial number, and support status. Learn how to view support entitled switches.
Threshold for RSS AutoSupport data
The Recently Stopped Sending (RSS) limit, in the AutoSupport widget, has been extended from 48 hours (2 days) to 216 hours (9 days) before a system is flagged as RSS. This is done to accommodate platforms like StorageGRID that only send weekly AutoSupport data.
Deprecated API section in Digital Advisor API catalog
A new deprecated API section is available in the Digital Advisor API catalog. It lists the APIs that are scheduled for deprecation, along with deprecation timelines and alternative APIs.
Capacity forecast V2 and End of Support API modules deprecation
The capacity forecast V2 and end of support API modules are scheduled for deprecation. To access the deprecated APIs or to know about the deprecation timelines and alternative APIs, navigate to API services → Browse → Deprecated APIs.
09 July 2025
Upgrade Advisor
-
A multi-format download option has been included for Upgrade Advisor plans to simplify ONTAP upgrade planning and address potential blockers or warnings. You can now download upgrade advisor plans in Excel, PDF, and JSON formats.
-
In the Excel format of the Upgrade Advisor plan, the following enhancements have been made:
-
You can view the pre-checks performed on the cluster, flagging the results with indicators such as “Passed,” “Failed,” or “Skipped.” This ensures that the cluster is in optimal condition for completing the ONTAP upgrade.
-
You can view the recommended latest firmware updates applicable to the cluster, along with the version shipped with the ONTAP target version.
-
A new tab has been included that offers interoperability checks for SAN clusters. It provides a view of the supported Host OS versions for the selected target ONTAP version.
-
08 May 2025
AutoSupport widget
The AutoSupport widget has been enhanced to include a pop-up to provide details about systems that have stopped sending AutoSupport data. Enabling AutoSupport reduces downtime risk and supports proactive system health management.
Support contracts report
The support contracts report has been enhanced to include the new ASP/LSG flag field. This field allows you to filter and identify systems covered by an Authorized Support Partner, also known as Lifecycle Services Certified.
Sustainability dashboard
You can now launch the Sustainability dashboard using the link included in the sustainability presentation.
Digital wallet
10 March 2025
Ability to remove subscriptions
You can now remove subscriptions from the digital wallet if you have unsubscribed from them.
View consumed capacity for Marketplace subscriptions
When viewing PAYGO subscriptions, you can now view the consumed capacity of the subscription.
10 February 2025
The BlueXP digital wallet has been redesigned for ease of use and now provides additional subscription and license management.
New Overview dashboard
The digital wallet homepage has an updated dashboard of your NetApp licenses and Marketplace subscriptions, with the ability to drill-down into specific services, license types and required actions.
Configuring subscriptions to credentials
The BlueXP digital wallet now allows you to configure your subscriptions to provider credentials. Typically you do this when you first subscribe to a Marketplace subscription or annual contract. Previously changing the subscription's credentials could only be done on the Credentials page.
Associating subscriptions with organizations
You can now update the organization to which a subscription is associated directly from digital wallet.
Managing Cloud Volume ONTAP licenses
You now manage Cloud Volumes ONTAP licenses through the home page or the Direct licenses tab. Use the Marketplace subscriptions tab to view your subscription information.
5 March 2024
BlueXP disaster recovery
The BlueXP digital wallet now enables you to manage licenses for BlueXP disaster recovery. You can add licenses, update licenses, and view details about licensed capacity.
30 July 2023
Usage reports enhancements
Several improvements to the Cloud Volumes ONTAP usage reports are now available:
-
The TiB unit is now included in the name of columns.
-
A new node(s) field for serial numbers is now included.
-
A new Workload Type column is now included under the Storage VMs usage report.
-
Working environment names are now included in the Storage VMs and Volume usage reports.
-
The volume type file is now labeled Primary (Read/Write).
-
The volume type secondary is now labeled Secondary (DP).
For more information about the usage reports, refer to Download usage reports.
Disaster recovery
15 September 2025
Version 4.3.5P3
Script configuration for test failover
With this release, you can now run scripts on VMs after they power on during the test failover process. This enables you to test and validate scripts. For example, you can update NFS mounts to point to a new target server, ensuring that guest applications come fully online and that your recovery process can be tested end-to-end.
For more information on the fail over process, see Fail over applications to a remote site.
Improved failback process
During failover, the failback process is now disabled until discovery completes. This ensures all configurations are correctly identified and accounted for before initiating a fail back, and reduces the risk of errors.
For more information on the failback process, see Fail back applications to the original source.
04 August 2025
Version 4.2.5P2
BlueXP disaster recovery updates
This release includes the following updates:
-
Improved the VMFS support to handle the same LUN presented from multiple storage virtual machines.
-
Improved the test teardown cleanup to handle the datastore already being unmounted and or deleted.
-
Improved subnet mapping so that it now validates that the gateway entered is contained within the network provided.
-
Corrected an issue that could cause the replication plan to fail if the VM name contains ".com".
-
Removed a restriction preventing the destination volume from being the same as the source volume when creating the volume as part of the replication plan creation.
-
Added support for a pay-as-you-go (PAYGO) subscription to NetApp Intelligent Services in the Azure Marketplace and added a link to the Azure Marketplace in the free trial dialog.
For details, see BlueXP disaster recovery licensing and Set up licensing for BlueXP disaster recovery.
14 July 2025
Version 4.2.5
User roles in BlueXP disaster recovery
BlueXP disaster recovery now employs roles to govern the access that each user has to specific features and actions.
The service uses the following roles that are specific to BlueXP disaster recovery.
-
Disaster recovery admin: Perform any actions in BlueXP disaster recovery.
-
Disaster recovery failover admin: Perform failover and migrate actions in BlueXP disaster recovery.
-
Disaster recovery application admin: Create and modify replication plans and start test failovers.
-
Disaster recovery viewer: View information in BlueXP disaster recovery, but cannot perform any actions.
If you are clicking on the BlueXP disaster recovery service and configuring it for the first time, you must have the SnapCenterAdmin permission or have the Organization Admin role.
For details, see User roles and permissions in BlueXP disaster recovery.
Other updates in BlueXP disaster recovery
-
Enhanced network discovery
-
Scalability improvements:
-
Filtering for the required metadata instead of all the details
-
Discovery improvements to retrieve and update VM resources faster
-
Memory optimization and performance optimization for data retrieval and data updates
-
vCenter SDK client creation and pool management improvements
-
-
Stale data management on the next scheduled or manual discovery:
-
When a VM is deleted in the vCenter, BlueXP disaster recovery now automatically removes it from the replication plan.
-
When a datastore or network is deleted in the vCenter, BlueXP disaster recovery now deletes it from the replication plan and resource group.
-
When a cluster, host, or datacenter is deleted in the vCenter, BlueXP disaster recovery now deletes it from the replication plan and resource group.
-
-
You can now access Swagger documentation in your browser's incognito mode. You can access it from within BlueXP disaster recovery from the Settings option > API Documentation or directly at the following URL in your browser's incognito mode: Swagger documentation.
-
In some situations after a failback operation, the iGroup was left behind after the operation completed. This update removes the iGroup if it is stale.
-
If the NFS FQDN was used in the replication plan, BlueXP disaster recovery now resolves it to an IP address. This update is useful if the FQDN is not resolvable in the disaster recovery site.
-
UI alignment improvements
-
Log improvements to capture the vCenter sizing details after the successful discovery
30 June 2025
Version 4.2.4P2
Discovery improvements
This update improves the discovery process, which reduces the time needed for discovery.
23 June 2025
Version 4.2.4P1
Subnet mapping improvements
This update enhances the Add and Edit Subnet Mapping dialog with a new search functionality. You can now quickly find specific subnets by entering search terms, making it easier to manage subnet mappings.
9 June 2025
Version 4.2.4
Windows Local Administrator Password Solution (LAPS) support
Windows Local Administrator Password Solution (Windows LAPS) is a Windows feature that automatically manages and backs up the password of a local administrator account on Active directory.
You can now select subnet mapping options and check the LAPS option by providing the domain controller details. Using this option, you don't need to provide a password for each of your virtual machines.
For details, refer to Create a replication plan.
E-Series systems
12 May 2025
BlueXP access role needed
You now need one of the following access roles to view, discover or manage E-Series in BlueXP: Organization admin, Folder or project admin, Storage admin, or System health specialist. Learn about BlueXP access roles.
18 September 2022
Support for E-Series
You can now discover your E-Series systems directly from BlueXP. Discovering E-Series systems provides you with a complete view of data across your hybrid multicloud.
Economic efficiency
15 May 2024
Disabled features
Some BlueXP economic efficiency features have been temporarily disabled:
-
Technology refresh
-
Add capacity
14 March 2024
Technology refresh options
If you have existing assets in place and want to determine whether a technology needs to be updated, you can use the BlueXP economic efficiency technology refresh options. You can either review a short assessment of your current workloads and get recommendations, or if you sent AutoSupport logs to NetApp within the past 90 days, the service can now provide a workload simulation to see how your workloads perform on new hardware.
You can also add a workload and exclude existing workloads from the simulation.
Previously, you could only take an assessment of your assets and identify whether a technology refresh is recommended.
The feature is now part of the Tech refresh option in the left navigation.
Learn more about the Evaluate a technology refresh.
08 November 2023
Technology refresh
This release of BlueXP economic efficiency includes a new option to take an assessment of your assets and identify whether a technology refresh is recommended. The service includes a new Tech refresh option in the left navigation, new pages where you can take an assessment of your current workloads and assets, and a report that provides recommendations to you.
Edge caching
The BlueXP edge caching service was removed on August 7, 2024.
Google Cloud NetApp Volumes
21 July 2025
Support for Google Cloud NetApp Volumes in BlueXP
You can now manage Google Cloud NetApp Volumes directly from BlueXP:
-
Add a working environment.
-
View your volumes.
-
Remove your working environment.
Google Cloud Storage
10 July 2023
Ability to add new buckets and manage existing buckets from BlueXP
You have had the ability to view Google Cloud Storage buckets on the BlueXP Canvas for quite a while. Now you can add new buckets and change properties for existing buckets directly from BlueXP. See how to add new Google Cloud Storage buckets.
Keystone
22 September 2025
Addition of alert monitoring
The Keystone dashboard in BlueXP now includes a Monitoring tab for managing alerts and monitors across your subscriptions. This new tab enables you to:
-
View and resolve active alerts, including both system-generated and user-defined alerts for capacity usage and subscription expiration.
-
Create alert monitors to track capacity usage and subscription expiration events.
To learn more, refer to View and manage alerts and monitors.
Streamlined performance service levels viewing
You can view the performance service levels information, now moved from a separate tab to an expandable view, within the Subscriptions tab. Click the down arrow next to the Expiration date column to view them for each subscription. To learn more, refer to View details about your Keystone subscriptions.
28 August 2025
Enhanced logical usage tracking with a new column
A new column, Total footprint, is added to enhance Keystone consumption tracking for FabricPool volumes:
-
Keystone dashboard in BlueXP: You can see the Total footprint column in the Volumes in clusters tab within the Assets tab.
-
Digital Advisor: You can see the Total Footprint column in the Volume Details tab within the Volumes & Objects tab.
This column displays the total logical footprint for volumes using FabricPool tiering, including data from both performance and cold tiers, so you can accurately calculate Keystone consumption.
05 August 2025
View instance-level consumption data
You can view current consumption and historical data for each performance service level instance through the Keystone dashboard in BlueXP. This feature is available for performance service levels with multiple instances, provided you have a Keystone version 3 (v3) subscription. To learn more, refer to View the consumption of your Keystone subscriptions.
Kubernetes
Support for discovering and managing Kubernetes clusters was removed on August 7, 2024.
Migration reports
The BlueXP migration reports service was removed on August 7, 2024.
On-prem ONTAP clusters
12 May 2025
BlueXP access role needed
You now need one of the following access roles to view, discover or manage on-prem ONTAP clusters: Organization admin, Folder or project admin, Storage admin, or System health specialist. Learn about BlueXP access roles.
26 November 2024
Support for ASA r2 systems with private mode
You can now discover NetApp ASA r2 systems when using BlueXP in private mode. This support is available starting with the 3.9.46 private mode release of BlueXP.
7 October 2024
Support for ASA r2 systems
You can now discover NetApp ASA r2 systems in BlueXP when using BlueXP in standard mode or restricted mode. After you discover a NetApp ASA r2 system and open the working environment, you're brought directly to System Manager.
No other management options are available with ASA r2 systems. You can't use the Standard view and you can't enable BlueXP services.
Discovery of ASA r2 systems is not supported when using BlueXP in private mode.
Operational resiliency
02 April 2023
BlueXP operational resiliency service
Using the new BlueXP operational resiliency service and its automated IT operational risk remediation suggestions, you can implement suggested remediations before an outage or failure occurs.
Operational resiliency is a service that helps you analyze alerts and events to maintain the health, uptime, and performance of services and solutions.
Ransomware protection
12 August 2025
This release includes general enhancements and improvements.
15 July 2025
SAN workload support
This release includes support for SAN workloads in BlueXP ransomware protection. You can now protect SAN workloads in addition to NFS and CIFS workloads.
For more information, refer to BlueXP ransomware protection prerequisites.
Improved workload protection
This release improves the configuration process for workloads with snapshot and backup policies from other NetApp tools such as SnapCenter or BlueXP backup and recovery. In previous releases, BlueXP ransomware protection discovered the policies from other tools, only allowing you to change the detection policy. With this release, you can now replace snapshot and backup policies with BlueXP ransomware protection policies or continue to use the policies from other tools.
For details, refer to Protect workloads.
Email notifications
If BlueXP ransomware protection detects a possible attack, a notification appears in the BlueXP Notifications, and an email is sent to the email address that you configured.
The email includes information about the severity, the impacted workload, and a link to the alert in the BlueXP ransomware protection Alerts tab.
If you configured a security and event management (SIEM) system in BlueXP ransomware protection, the service sends alert details to your SIEM system.
For details, refer to Handle detected ransomware alerts.
9 June 2025
Landing page updates
This release includes updates to the landing page for BlueXP ransomware protection that makes starting the free trial and discovery easier.
Readiness drill updates
Previously, you could run a ransomware readiness drill by simulating an attack on a new sample workload. With this feature, you can investigate the simulated attack and recover the workload. Use this feature to test alert notifications, response, and recovery. Run and schedule these drills as often as needed.
With this release, you can use a new button on the BlueXP ransomware protection Dashboard to run a ransomware readiness drill on a test workload, making it easier for you to simulate ransomware attacks, investigate their impact, and recover workloads efficiently, all within a controlled environment.
You can now run readiness drills on CIFS (SMB) workloads in addition to NFS workloads.
For details, refer to Conduct a ransomware attack readiness drill.
Enable BlueXP classification updates
Before you use BlueXP classification within the BlueXP ransomware protection service, you need to enable BlueXP classification to scan your data. Classifying data helps you find personally identifiable information (PII), which can increase security risks.
You can deploy BlueXP classification on a file share workload from within BlueXP ransomware protection. In the Privacy exposure column, select the Identify exposure option. If you've enabled the classification service, this action identifies the exposure. Otherwise, with this release, a dialog box presents the option to deploy BlueXP classification. Select Deploy to go to the BlueXP classification service landing page, where you can deploy that service. W
For details, refer to Deploy BlueXP classification in the cloud and to use the service within BlueXP ransomware protection, refer to Scan for personally identifiable information with BlueXP classification.
13 May 2025
Reporting of unsupported working environments in BlueXP ransomware protection
During the discovery workflow, BlueXP ransomware protection reports more details when you hover over Supported or Unsupported Workloads. This will help you understand why some of your workloads are not discovered by the BlueXP ransomware protection service.
There are many reasons why the service doesn't support a working environment, for example, the ONTAP version on your working environment could be below the required version. When you hover over an unsupported working environment, a tooltip displays the reason.
You can view the unsupported working environments during initial discovery, where you can also download the results. You can also view the results of discovery from the Workload discovery option in the Settings page.
For details, refer to Discover workloads in BlueXP ransomware protection.
29 April 2025
Support for Amazon FSx for NetApp ONTAP
This release supports Amazon FSx for NetApp ONTAP. This feature helps you protect your FSx for ONTAP workloads with BlueXP ransomware protection.
FSx for ONTAP is a fully managed service that provides the power of NetApp ONTAP storage in the cloud. It provides the same features, performance, and administrative capabilities that you use on-premises with the agility and scalability of a native AWS service.
The following changes were made to the BlueXP ransomware protection workflow:
-
Discovery includes workloads in FSx for ONTAP 9.15 working environments.
-
The Protection tab shows workloads in FSx for ONTAP environments. In this environment, you should perform backup operations using the FSx for ONTAP backup service. You can restore these workloads using BlueXP ransomware protection snapshots.
Backup policies for a workload running on FSx for ONTAP can't be set in BlueXP. Any existing backup policies set in Amazon FSx for NetApp ONTAP remain unchanged. -
Alert incidents show the new FSx for ONTAP working environment.
For details, refer to Learn about BlueXP ransomware protection and working environments.
For information about the supported options, refer to the BlueXP ransomware protection limitations.
BlueXP access role needed
You now need one of the following access roles to view, discover, or manage BlueXP ransomware protection: Organization admin, Folder or project admin, Ransomware protection admin, or Ransomware protection viewer.
14 April 2025
Readiness drill reports
With this release, you can review ransomware attack readiness drill reports. A readiness drill enables you to simulate a ransomware attack on a newly created, sample workload. Then, investigate the simulated attack and recover the sample workload. This feature helps you know that you are prepared in the event of an actual ransomware attack by testing alert notification, response, and recovery processes.
For details, refer to Conduct a ransomware attack readiness drill.
New role-based access control roles and permissions
Previously, you could assign roles and permissions to users based on their responsibilities, which helps you manage user access to BlueXP ransomware protection. With this release, there are two new roles specific to BlueXP ransomware protection with updated permissions. The new roles are:
-
Ransomware protection admin
-
Ransomware protection viewer
For details about permissions, refer to BlueXP ransomware protection role-based access to features.
Payment improvements
This release includes several improvements to the payment process.
For details, refer to Set up licensing and payment options.
Remediation
The BlueXP remediation service was removed on April 22, 2024.
Replication
18 Sept 2022
FSx for ONTAP to Cloud Volumes ONTAP
You can now replicate data from an Amazon FSx for ONTAP file system to Cloud Volumes ONTAP.
31 July 2022
FSx for ONTAP as the data source
You can now replicate data from an Amazon FSx for ONTAP file system to the following destinations:
-
Amazon FSx for ONTAP
-
On-premises ONTAP cluster
2 September 2021
Support for Amazon FSx for ONTAP
You can now replicate data from a Cloud Volumes ONTAP system or an on-premises ONTAP cluster to an Amazon FSx for ONTAP file system.
Software updates
12 May 2025
BlueXP access role needed
You now need one of the following access roles to install software updates: Organization admin, Folder or project admin, Storage admin, Storage viewer, or Storage health specialist. Users with the Storage viewer role have various permissions related to software updates, but cannot install software updates. Learn about BlueXP access roles.
02 April 2025
Mitigated risks
In the summary section of BlueXP software updates, you can now view the total number of risks that can be mitigated by the operating system update. This allows users to assess the security and stability improvements on their installation base.
07 August 2024
ONTAP update
The BlueXP software updates service provides a seamless update experience to users by mitigating risks, and ensuring customers can fully leverage ONTAP features.
Learn more about BlueXP software updates.
StorageGRID
12 May 2025
BlueXP access roles needed
You now need one of the following access roles to view, discover or manage StorageGRID in BlueXP: Organization admin, Folder or project admin, Storage admin, or Storage health specialist. Learn about BlueXP access roles.
7 August 2024
New advanced view
Starting with StorageGRID 11.8, you can use the familiar Grid Manager interface to manage your StorageGRID system from BlueXP.
Ability to review and approve StorageGRID management interface certificate
You now have the ability to review and approve a StorageGRID management interface certificate when discovering the StorageGRID system from BlueXP. You can also review and approve the latest StorageGRID management interface certificate on a discovered grid.
18 September 2022
Support for StorageGRID
You can now discover your StorageGRID systems directly from BlueXP. Discovering StorageGRID provides you with a complete view of data across your hybrid multicloud.
Tiering
9 August 2023
Use a custom prefix for the bucket name
In the past you needed to use the default "fabric-pool" prefix when defining the bucket name, for example, fabric-pool-bucket1. Now you can use a custom prefix when naming your bucket. This functionality is available only when tiering data to Amazon S3. Learn more.
Search for a cluster across all BlueXP Connectors
If you are using multiple Connectors to manage all the storage systems in your environment, some clusters on which you want to implement tiering may be in different Connectors. If you are not sure which Connector is managing a certain cluster, you can search across all Connectors using BlueXP tiering. Learn more.
4 July 2023
Adjust the bandwidth to transfer inactive data
When you activate BlueXP tiering, ONTAP can use an unlimited amount of network bandwidth to transfer the inactive data from volumes in the cluster to object storage. If you notice that tiering traffic is affecting normal user workloads, you can throttle the amount of bandwidth that can be used during the transfer. Learn more.
Tiering event displayed in the Notification Center
The tiering event "Tier additional data from cluster <name> to object storage to increase your storage efficiency" now appears as a notification when a cluster is tiering less than 20% of its cold data - including clusters that are tiering no data.
This notification is a "Recommendation" to help make your systems more efficient and to save on storage costs. It provides a link to the BlueXP tiering total cost of ownership and savings calculator to help you calculate your cost savings.
3 April 2023
Licensing tab has been removed
The Licensing tab has been removed from the BlueXP tiering interface. All licensing for Pay-as-you-go (PAYGO) subscriptions are accessed from the BlueXP tiering On-Premises Dashboard now. There is also a link from that page to the BlueXP digital wallet so that you can view and manage any BlueXP tiering bring-your-own-licenses (BYOL).
Tiering tabs have been renamed and updated
The "Clusters Dashboard" tab has been renamed to "Clusters", and the "On-Prem Overview" tab has been renamed to "On-Premises Dashboard". These pages have added some information that will help you evaluate if you can optimize your storage space with additional tiering configuration.
Volume caching
04 June 2023
Volume caching
Volume caching, a feature of ONTAP 9 software, is a remote caching capability that simplifies file distribution, reduces WAN latency by bringing resources closer to where your users and compute resources are, and lowers WAN bandwidth costs. Volume caching provides a persistent, writable volume in a remote place. You can use BlueXP volume caching to speed up access to data or to offload traffic from heavily accessed volumes. Cache volumes are ideal for read-intensive workloads, especially where clients need to access the same data repeatedly.
With BlueXP volume caching, you have caching capabilities for the cloud, specifically for Amazon FSx for NetApp ONTAP, Cloud Volumes ONTAP, and on-premises as working environments.
Workload factory
29 June 2025
Permissions update for Databases
The following permission is now available in read-only mode for Databases: cloudwatch:GetMetricData
.
BlueXP workload factory notification service support
The BlueXP workload factory notification service enables workload factory to send notifications to the BlueXP alerts service or to an Amazon SNS topic. Notifications sent to BlueXP alerts appear in the BlueXP alerts panel. When workload factory publishes notifications to an Amazon SNS topic, subscribers to the topic (such as people or other applications) receive the notifications at the endpoints configured for the topic (such as email or SMS messages).
04 May 2025
CloudShell autocomplete support
When using BlueXP workload factory CloudShell, you can start typing a command and press the Tab key to view available options. If multiple possibilities exist, the CLI will display a list of suggestions. This feature enhances productivity by minimizing errors and speeding up command execution.
Updated permissions terminology
The workload factory user interface and documentation now use "read-only" to refer to read permissions and "read/write" to refer to automate permissions.
30 March 2025
CloudShell reports AI-generated error responses for ONTAP CLI commands
When using CloudShell, each time you issue an ONTAP CLI command and an error occurs, you can get AI-generated error responses that include a description of the failure, the cause of the failure, and a detailed resolution.
iam:SimulatePermissionPolicy permission update
Now you can manage the iam:SimulatePrincipalPolicy
permission from the workload factory console when you add additional AWS account credentials or add a new workload capability such as the GenAI workload.
02 February 2025
CloudShell available in BlueXP workload factory console
CloudShell is available from anywhere in the BlueXP workload factory console. CloudShell allows you to use the AWS and ONTAP credentials that you've provided in your BlueXP account and execute AWS CLI commands or ONTAP CLI commands in a shell-like environment.
Permissions update for Databases
The following permission is now available in read mode for Databases: iam:SimulatePrincipalPolicy
.