menu

Feed available - Subscribe to our feed to stay up to date on upcoming maintenance and incidents.

Kony Cloud status
Current status and incident report

Quantum V9 SP4 Release

Maintenance window: January 17, 2022 00:01 to 04:00
The maintenance window start and end times are local to the region in which your Clouds are hosted. If you are unsure where your Clouds are hosted, you can hover over a Cloud Name in the Manage Clouds page of the Cloud Management Console and the region will be displayed.
Impacted Cloud services:
  • Cloud Management Console

    • Enhanced extensibility for Integration and Object services

  • Fabric Integration Server

    • Advanced Workflow capabilities with Parallel paths

    • Added Looping support for workflows

    • Improved security for caching using Redis

  • Fabric Identity

    • Improved support for OAuth connections using private key JWT

  • AppFactory

    • Support for Istanbul testing code coverage for Quantum built apps using the Quantum Testing Framework. Ensure every line of your code is tested, every time you test.

    • Group failed tests together and re-run those test as part of AppFactory’s testing process with the Quantum Testing Framework.

    • Web based cross app testing backported to 9.2 to allow testers to instrument test scenarios that take the test case outside the Quantum Testing Framework, like OAuth.

    • Micro app test case support for combining base micro app test cases to a larger test case within a composite app.

    • Command line support for create new AppFactory projects and building Visualizer based apps within AppFactory from the command line.

    • Apple API key support for signing iOS based apps.

    • Regenerate Fabric object models for visualizer based apps every time you build with AppFactory.


Impact Level : minor

Minor downtime is possible for the impacted Cloud services while this maintenance is being performed. The scheduled maintenance is designed to mitigate disruptions to service availability and performance for the impacted Cloud services. However, it is possible for the impacted Cloud services to be unavailable and/or performance degraded for a short period of time during the maintenance window. Note that no changes are being applied for other Cloud services outside of the list of impacted services above and no service availability or performance disruption is expected for other Cloud services.

AWS Outage affecting US Virgina customers in one datacenter

Incident window: December 22, 2021 12:33 UTC to ongoing
The AWS Service Status page will have the lastest information about the known issues and actions that AWS is taking.
Impacted Cloud services:
  • AWS (Virgina region only) instances and network issues

    • AWS power outage for compute, network and disk services in a single datacenter. As physical datacenters are allocated randomly, only a subset of Kony customers would see any impact.

    • Kony Cloud runtime services are generally not affected, and survived the initial outage by design. However, power restoration has not been orderly leading to recovery issues.

    • Other regions are not affected


Impact Level : medium

AWS Regional outage in Virgina cause by power failure in one of the AWS datacenters.

[2021-12-22 15:45 UTC] The underlying Virginia region is returning API errors for many services. We are working with AWS to understand the issues, impacts, and recovery timeline.

[2021-12-22 13:56 UTC] The underlying Virginia region is returning to normal. There were failovers for the Kony Cloud runtime services, and the system continued to run on a single datacenter. However, power-on activities, while mostly successful, have see sporadic incidents. We will launch a full recovery inventory on the underlying AWS issues are resolved.

[2021-12-22 23:15 UTC] AWS continues to recover compute and disk resources. Kony Cloud systems are on line and running normally, but customers should report any issues that are noticed.

[2021-12-23 00:22 UTC] Resolved. AWS has restored power and recovered compute and disks. Databases have automatically failed over, and any local disk or compute failure has automatically been replaced. Please report any issues with Fabric services.

CVE-2021-44228 Discovered

Incident window: December 10, 2021
The cloud operations and security team have thoroughly investigated the reported Log4j vulnerability (CVE-2021-44228) and found no current vulnerability to the services hosted on the Kony Cloud due to the newer versions of JVMs currently in use.
There is an additional attack vector reported against the log4j vulnerability and the Cloud team is looking to see if this applies to Kony Cloud. This variation proports to work around the JVM protections.
Customers that have uploaded vunerable versions of log4j2 and deployed these JARs as part of their applications should immediately remove the log4j2 Jars (log4j-core, log4j-api, etc), deletete the jars from their applications and from the workspace, and republish the affected applications. Kony Quantium loads log4j2 jars into the classpath, and we will patching the product jars. Having a dupicate JARs in the app will circumvent any remediation that the Cloud team provides.
Impacted Cloud services:
  • Kony Cloud platform and services

    • CVE-2021-44228 details a flaw that was found in the Java logging library Apache Log4j, in versions 2.0 before 2.15.0, that are also running older JVMs. This allows an attacker to execute code on the server if the system logs an attacker-controlled string value with the attacker’s JNDI LDAP URL and that LDAP server responds with a specially crafted payload.

    • This is not a critical risk on the Kony Cloud Platform as more recent JVMs default to not loading code over untrusted URLs. There is no attack vector for remote code execution on the Kony Cloud Platform, and

      as always we would ask customers to be security conscious with all custom java code which they choose to upload to their environment.

    • The product teams, as part of due diligence, will be incorporating the latest log4j release and Kony Cloud will deploy the updates once available.


Impact Level : high

There is no impact to customer’s runtime environment at this time. As always, we would encourage customers to use caution when uploading custom Java code to their environments.

[2021-12-13 11:54 UTC] There is an additional attack vector reported against the log4j vulnerability and the teams are looking to see if this applies to Kony Cloud.

[2021-12-13 11:54 UTC] The is a risk from the latest log4j attack vector and we are patching the affected products and will be updating clusters in the coming hours.

[2021-12-14 09:15 UTC] All Identity services on Kony Cloud have been patched for CVE-2021-44228. We will be patching additional products as quickly as we can.

[2021-12-18 05:04 UTC] All multi-tenant services on Kony Cloud have been patched for CVE-2021-44228. This includes the Kony Cloud management console, Engagement, Developer Portal, and the Multi-Tenant Integration services.

[2021-12-21 19:10 UTC] The latest monitoring agent is being updated on all multi-tenant services on Kony Cloud as the agent was vunerable to CVE-2021-44228. This update will also being included in any updates to dedicated customer environments. We will be patching dedicated customer environmemnts as quickly as we can.

[2021-12-23 07:10 UTC] We have begun updating the Fabric and Sync servers, as well as the monitoring agents on these systems. We will be patching dedicated customer environmemnts as quickly as we can over the next few days. While there are some environments that have passed the End-of-Life dates, we will make every effort to patch those systems as well. We hope to complet the updates over the next 72 hours.

[2021-12-24 02:00 UTC] We have completed updates to all Sync 8.x environments and partial updates to Fabric environments. A more recent HotFix may have been applied as part of these updates, and customers should verify functionality of the applications. We are contiuing to roll out updates for all supported releases, and will patch EOL versions on a best effort basis.

[2021-12-24 14:05 UTC] We have completed updates to all Fabric 9.3.x environments and partial updates to other Fabric versions. A more recent HotFix may have been applied as part of these updates, and customers should verify functionality of the applications. We are contiuing to roll out updates for all supported releases, and will patch EOL versions on a best effort basis.

[2021-12-24 19:25 UTC] We have completed updates to all Fabric 9.2.x environments and partial updates to other Fabric versions. A more recent HotFix may have been applied as part of these updates, and customers should verify functionality of the applications. We are contiuing to roll out updates for all supported releases, and will patch EOL versions on a best effort basis.

[2021-12-25 01:55 UTC] We have completed updates to all Fabric 9.1.x environments and partial updates to other Fabric versions. A more recent HotFix may have been applied as part of these updates, and customers should verify functionality of the applications. We are contiuing to roll out updates for all supported releases, and will patch EOL versions on a best effort basis.

[2021-12-25 04:52 UTC] We have completed updates to all Fabric 9.0.x environments and partial updates to other Fabric versions. A more recent HotFix may have been applied as part of these updates, and customers should verify functionality of the applications. We are contiuing to roll out updates for all supported releases, and will patch EOL versions on a best effort basis.

[2021-12-26 05:52 UTC] We have completed updates to all Fabric 8.0.x, 8.1.x, 8.2.x, and 8.3.x environments and partial updates to other Fabric versions. A more recent HotFix may have been applied as part of these updates, and customers should verify functionality of the applications. Please open a ticket if there are any issues noticed with the log4j2 updates. We are contiuing to roll out updates for all supported releases, and will patch EOL versions on a best effort basis.

[2021-12-26 22:26 UTC] We have completed updates to all Fabric 8.4.x environments and partial updates to other Fabric versions. A more recent HotFix may have been applied as part of these updates, and customers should verify functionality of the applications. Please open a ticket if there are any issues noticed with the log4j2 updates. We are contiuing to roll out updates for all supported releases, and will patch EOL versions on a best effort basis.

[2021-12-29 18:19 UTC] We have completed updates to all Sync 7.x environments. All Sync environments on Kony Cloud have been patched for CVE-2021-44228. A more recent HotFix may have been applied as part of these updates, and customers should verify functionality of the applications. Please open a ticket if there are any issues noticed with the log4j2 updates. We continue to patch EOL versions on a best effort basis.

[2021-12-30 02:40 UTC] We have completed updates to all Fabric 7.x environments. All Fabic environments on Kony Cloud have been patched for CVE-2021-44228. A more recent HotFix may have been applied as part of these updates, and customers should verify functionality of the applications. Please open a ticket if there are any issues noticed with the log4j2 updates.

[2021-12-30 02:45 UTC] We are working on a plan to assist customers who have built and deployed custom WAR files, or who have uploaded a version of log4j-core-*.jar that is compromised. Customers using the ZIP format for deployments will not need any additional patches if they have not deployed a custom version of log4j2 JARs.

[2022-01-07 02:56 UTC] We have patched all of the internal files used for customers deploying WAR files from Visualizer Enterprise or Kony Studio. Customers that have published WARs will need to re-publish the WAR in order to pick up the patched log4j2 JARs. Customers using the ZIP format for deployments will not need any additional patches if they have not deployed a custom version of log4j2 JARs.

[2022-01-07 20:37 UTC] We have reviewed workspaces for customer uploads of the affected log4j JARs and will be opening tickets for each customer to a) remove the JAR and use the JARs already in CLASSPATH on the Fabric servers, b) Upload a patched log4j JAR and deploy the uploaded JAR, or c) Upload and use 2.17+ of log4j in their custom code. We recommend option ‘a’ where possible.

Subscribe to the RSS feed on this page for the latest updates.

AWS Outage affecting US Virgina customers

Incident window: December 07, 2021 15:37 UTC to 23:03 UTC
The AWS Service Status page will have the lastest information about the known issues and actions that AWS is taking.
Impacted Cloud services:
  • AWS (Virgina region only), Console deployments, App Services custom API calls to AWS serivces may fail

    • AWS API errors for most services in the US Virgina region are impacted.

    • Kony Cloud runtime services are not affected, but application deployments will be unavailable.

    • Other regions are not affected


Impact Level : high

AWS Regional outage in Virgina is being investigated.

[2021-12-07 15:45 UTC] The underlying Virginia region is returning API errors for many services. We are working with AWS to understand the issues, impacts, and recovery timeline.

[2021-12-07 22:35 UTC] The underlying Virginia region is returning to normal. There was no outage of the Kony Cloud runtime services, but custom code that directly invoked AWS APIs from customer written services may have failed. The ability for customers to deploy updates was impacted as this activty requires API calls to some of the impacted AWS services.

[2021-12-07 23:03 UTC] Resolved. The issues that resulted from the network failure have been addressed, services are restored, and the serivce backlog has recovered.

Cloud SSL Certificate Updates

Maintenance window: September 29, 2021 00:01 to 03:00 UTC
Impacted Cloud services:
  • Cloud SSL certificates for Identity services (.auth.konycloud.com), Engagement services (.messaging.konycloud.com), App services (.konycloud.com), and Sync services (.sync.konycloud.com)

    • ⚠️ Note: If you have not pinned Kony certificates in your application, no application updates will be necessary. Customers that have pinned SSL certificates will need to download the new certificates, rebuild the applications, including both the old and new certificates, and publish the updated binaries to the various app stores. Your applications should be published before Kony updates the certificates on the cloud servers or customers will no longer be able to connect. New certificates can be found on the Kony Cloud Certificate Preview page. The new certificates can also be downloaded by executing the following commands:

      • Identity: openssl s_client -showcerts -connect konycertificatepreview.auth.konycloud.com:443

      • Engagement: openssl s_client -showcerts -connect konycertificatepreview.messaging.konycloud.com:7443

      • App: openssl s_client -showcerts -connect konycertificatepreview.konycloud.com:8443

      • Sync: openssl s_client -showcerts -connect konycertificatepreview.sync.konycloud.com:9443

    • Customers who have pinned the public key instead of the full certificate (which we strongly recommend and was made available in V8 SP4) may not be required to update their applications. The updated certificates will have the same public keys as the existing certificates.

      • If necessary, you can submit your applications for expedited approval (e.g., Apple has an expedited approval process for critical bugs, or in this case, pinned certificates).


        Impact Level : high

        Customer applications that have pinned SSL certificates will need to be updated as described above prior to this maintenance window. Customer applications that have not pinned SSL certificates will not be affected and will experience no service disruptions during this maintenance window.

        Please refer to our documentation for how to pin the public key of a certificate (which we strongly recommend and was made available in V8 SP4) or how to pin an SSL certificate in your apps (deprecated).

        Improved Cloud Management Console Support for Latest 9.2 Release

        Maintenance window: September 27, 2021 00:01 to 04:00 UTC
        The maintenance window start and end times are local to the region in which your Clouds are hosted. If you are unsure where your Clouds are hosted, you can hover over a Cloud Name in the Manage Clouds page of the Cloud Management Console and the region will be displayed.
        Impacted Cloud services:
        • Cloud Management Console

          • Implemented calling stored procedures by ordinal position of parameters.

          • Added support for Oracle CLOB and NCLOB data types.

          • Fixed a timestamp parsing issue in stored procedures and functions.


        Impact Level : low

        No downtime is expected for the impacted Cloud services while this maintenance is being performed. The scheduled maintenance is designed to mitigate disruptions to service availability and performance for the impacted Cloud services. However, it is possible for the impacted Cloud services to be unavailable and/or performance degraded for a short period of time during the maintenance window. Note that no changes are being applied for other Cloud services outside of the list of impacted services above and no service availability or performance disruption is expected for other Cloud services.

        Reporting Services - Significant performance degradation and unavailability

        Incident window: September 14, 2021 00:01 UTC to ongoing
        Impacted Cloud services:
        • Reporting Services


          Impact Level : high

          Reporting services performance is significantly degraded as analytics ingestion is encountering issues.

          We are working to recover the services and will provide an ETA as soon as possible.

          There were slight delays in processing analytics beginning on September 14th, which have grown large enough to cause a noticeable issue on the 18th. No analytics data is lost during the window, and will be reflected in newly generated reports as our ingestion systems catch up with the influx of messages to be processed.

          [2021-09-23 21:00 UTC] Resolved. The queue is now cleared and metrics/reports are now performing at normal levels.

          Cloud Management Console and Workspace Maintenance

          Maintenance window: August 30, 2021 00:01 to 04:00
          The maintenance window start and end times are local to the region in which your Clouds are hosted. If you are unsure where your Clouds are hosted, you can hover over a Cloud Name in the Manage Clouds page of the Cloud Management Console and the region will be displayed.
          Impacted Cloud services:
          • Cloud Management Console

            • Composite app publish status refresh issues fixed

            • Publish time out increased from default 20 seconds to 60 seconds to allow bigger customer apps to be publishable

          • Workspace Maintenance

            • Composite app publish status refresh issues fixed

            • Publish time out increased from default 20 seconds to 60 seconds to allow bigger customer apps to be publishable


          Impact Level : low

          No downtime is expected for the impacted Cloud services while this maintenance is being performed. The scheduled maintenance is designed to mitigate disruptions to service availability and performance for the impacted Cloud services. However, it is possible for the impacted Cloud services to be unavailable and/or performance degraded for a short period of time during the maintenance window. Note that no changes are being applied for other Cloud services outside of the list of impacted services above and no service availability or performance disruption is expected for other Cloud services.

          Quantum V9 SP3 Release

          Maintenance window: August 2, 2021 00:01 to 04:00
          The maintenance window start and end times are local to the region in which your Clouds are hosted. If you are unsure where your Clouds are hosted, you can hover over a Cloud Name in the Manage Clouds page of the Cloud Management Console and the region will be displayed.
          Impacted Cloud services:
          • Fabric Integration Server

            • Added support for WebSockets to the Quantum Fabric Cloud

            • Added support to reconfigure the scheme for Swagger 2.0 services

            • Added the Fabric Workflow Adapter in Integration Services

            • Enhancements to Workflow Audit history

            • Middleware Integration with Temenos Metering Service Client Library

            • Updates to Server Events APIs

          • Cloud Management Console

            • Supporting Modularity of Fabric Apps

            • Added OpenAPI Specification support for Object Verb Mapping

            • Added support for Custom Front-End URLs in Object Services

            • Added the Integration Service trigger type to Workflow services

            • Added support to view linked Java Pre and Post Processors for a Fabric App

            • Added a Version Upgrade mechanism to MFCLI

            • Updates to Engagement Adapter

          • Fabric Identity

            • Added support to use PKCE in JavaScript SDK

            • Added support to replace Identity Service references

          • Engagement

            • Improved support for Events notifications

            • Enhancements to Email API to send emails without audience member creation.

            • Support the engagement application creation without the certificate configuration.

            • Enhancements to the engagement adapter to support API key.

            • Deprecated support for Blackberry

          • App Factory

            • Added support for Microservices

            • Added support for Cross Application Testing

            • Added OAuth support for testing deployed web apps

          • Installer

            • Added support for WebLogic 14c

            • Cloud Installer on MS Azure

            • Added Docker Support for OpenShift


          Impact Level : high

          Brief downtime is expected for the impacted Cloud services while this maintenance is being performed. The scheduled maintenance is designed to mitigate disruptions to service availability and performance for the impacted Cloud services. However, it is possible for the impacted Cloud services to be unavailable and/or performance degraded for a short period of time during the maintenance window. Note that no changes are being applied for other Cloud services outside of the list of impacted services above and no service availability or performance disruption is expected for other Cloud services.

          [2021-07-04 21:30 UTC] Database upgrades are running longer than expected, therefore updating the impact to high. We are taking what steps we can to minimize the outage durations.