What's new in the YugabyteDB Anywhere v2.20 LTS release series

YugabyteDB release notes

The release notes for YugabyteDB are on their own page.

What follows are the release notes for all releases in the YugabyteDB Anywhere v2.20 series. Content will be added as new notable features and changes are available in the patch releases of the YBA v2.20 series.

For an RSS feed of all release series, point your feed reader to the RSS feed for releases.

v2.20.0.0 - November 13, 2023


Third-party licenses: YugabyteDB, YugabyteDB Anywhere


docker pull yugabytedb/yugabyte:


  • Support for OIDC token-based authentication via Azure AD. This allows YSQL database users to sign in to YugabyteDB Anywhere universes using their JSON Web Token (JWT) as their password. When configured in YugabytedDB Anywhere, users can obtain their token from their YugabyteDB Anywhere user profile, or copy it from the YugabyteDB Anywhere landing page.

  • Ability to browse the full history of restores for universes. After performing a restore, navigate to the Restore History tab to verify restore details and view all previous restores.

  • Support for backing up and restoring tablespaces. You can now restore tablespaces to a universe with a matching topology; that is, a universe that have the same zones and regions as the backed up universe.

  • Online point-in-time-recovery (PITR), which allows you to perform PITR without the need to stop any workloads.

  • Enhanced metrics display. Click and drag to select a time range in any chart to zoom in to display granular data points.

  • Quicker rolling restarts due to enhancements that accelerate the time it takes to perform local bootstrapping of tablets.

  • Improved safety checks for rolling upgrades. Before a node is upgraded, YugabyteDB Anywhere checks for under-replicated tablets to make sure your universe is in a healthy state before proceeding with the upgrade.

  • Improvements to node disk usage alerts to support alerting on non-data partitions.

New Features

  • [PLAT-9084] Support LDAP with RBAC
  • [PLAT-10277] OIDC Support for k8s based universes
  • [PLAT-10438] Add runtime flag checks for all new RBAC APIs
  • [PLAT-10456] Implement YbaApi annotation and its action


  • [PLAT-6164] Backup script version checking improvements
  • [PLAT-6724] Setting postgres db password
  • [PLAT-8585] [PLAT-10860] Add a node task to repair node-agent for cloud providers for existing node-agent enabled universes only
  • [PLAT-8975] During YSQL upgrade, select active YB-TServer in same region as master leader
  • [PLAT-9700] UI widget changes
  • [PLAT-10129] [PLAT-10810] [PLAT-10841] [PLAT-10887] Filter universes based on role bindings
  • [PLAT-10193] [xCluster] Disallow basic xCluster setup if transactional xCluster configuration exists
  • [PLAT-10217] Improving PEX activation time
  • [PLAT-10363] Adds Validation on ImageBundle as part of region add/delete in provider
  • [PLAT-10369] Prometheus scrape interval/timeout preflight check
  • [PLAT-10371] Change DB Queue Overflow alert label
  • [PLAT-10407] Adds ap-south-2 region in YBA
  • [PLAT-10415] Stop building PEX for python < 3.8
  • [PLAT-10417] Improve status updater to use namespace
  • [PLAT-10483] Add validation on role bindings for resources with generic permissions
  • [PLAT-10489] Pass show_help=false to DB scrape endpoint to avoid scraping help and type
  • [PLAT-10502] Add guard rails for YCQL tables while disabling YCQL
  • [PLAT-10527] Re-provision DB nodes in rolling manner during software upgrade and reverting systemd reboot workaround
  • [PLAT-10531] Better error handling for bash script as part of postgres upgrade
  • [PLAT-10540] [dr] Disable DR APIs by default
  • [PLAT-10544] [PLAT-10414] Minor support bundle CRD improvements
  • [PLAT-10552] Add useTablespaces boolean in list backup response
  • [PLAT-10556] Adding Prometheus basic auth to YBA Installer
  • [PLAT-10618] Need to sync roles before turning on new RBAC runtime flag
  • [PLAT-10620] Correct service file template with proxies
  • [PLAT-10640] Automatically adjust associated role bindings when role is edited
  • [PLAT-10689] Support allowAll=false and empty resource UUID set
  • [PLAT-10691] Add option to provide service account name in DB helm charts
  • [PLAT-10694] Improve logging for schedule backups
  • [PLAT-10806] Searching custom path for active software
  • [PLAT-10809] Use serializable transaction with retry for node-agent cert update as it is very critical
  • [PLAT-10838] Bump Prometheus version
  • [PLAT-10866] Increment YBC version to on master
  • [PLAT-10904] [PLAT-10721] Add universe read permission annotation to universe configure API. Add OTHER.READ to logs API
  • [PLAT-10910] Scrub APIs: EAR, RBAC, Support Bundle
  • [PLAT-10932] Increment YBC version to
  • [PLAT-10991] [xCluster] Mark xCluster APIs visibilities
  • [PLAT-11001] Scrub APIs: Backup/Restores/Schedules
  • [PLAT-11045] Make yb.ui.feature_flags.granular_metrics runtime flag as enabled by default
  • [PLAT-11135] [PLAT-10899] Annotated the YBA APIs (Certs/Access Keys/Region/AZ's/ImageBundle)
  • [PLAT] [YBA API] Skip swagger generation for deprecated APIs, Implement YbaApiTest to validate proper usage of YbaApi

Bug fixes

  • [PLAT-8895] Prometheus restore fixes
  • [PLAT-10422] Manually issuing reboot command during provision
  • [PLAT-10494] StatusUpdater injection was not used correctly
  • [PLAT-10548] [UI] Backup UI padding is missing
  • [PLAT-10554] Fix NPE for backups with De-commissioned nodes
  • [PLAT-10560] Incorrect master key rotation when first backup/restore from EAR universe
  • [PLAT-10579] Fix the yb_platform_backup script for restore commands and platform backup restore for docker based installations
  • [PLAT-10599] Backup chaos testing fix: Consider ToBeRemoved state as Live
  • [PLAT-10614] Fix expressing in CPU usage alert
  • [PLAT-10628] [PLAT-10542] Fix for missing Node UUID causes certain tasks to fail in new YBA releases
  • [PLAT-10629] Fix 296 migration
  • [PLAT-10632] K8s NFS based backup/restore pre-checks fix
  • [PLAT-10637] [PLAT-10638] Fixes for AWS provider SG validation
  • [PLAT-10676] Fix disk volume usage percentage graph in outlier nodes mode
  • [PLAT-10692] [PLAT-10891] [PLAT-10840] Assign ConnectOnly role by default if no system roles given in bindings for user
  • [PLAT-10700] [PLAT-10646] [PLAT-10695] Backport some missed fixes
  • [PLAT-10794] Use su instead of sudo -u to run commands as user
  • [PLAT-10808] Fixing up node agent certificate path
  • [PLAT-10813] [RBAC|UI] Disable Edit Role for system roles -[PLAT-10811] [RBAC|UI] Edit Role modal is not closed automatically if there is an error [PLAT-10816]-[PLAT-10821] [PLAT-10822]
  • [PLAT-10823] [On-Prem] Universe Creation failing with read replica
  • [PLAT-10824] * [PLAT-10656] Fix issues with zooming charts to get fine grained data points
  • [PLAT-10827] Fixing broken GflagsUpgrades on K8s
  • [PLAT-10849] [UX] Give exact info message which indicates why we are not allowing to take Backup on Universe * [PLAT-10848] - [PLAT-10843] - [PLAT-10815]
  • [PLAT-10868] In UI, make backup tablespaces checkbox unchecked by default
  • [PLAT-10877] Increase minimal step to 30 + remove the limit on smallest range for detailed metrics feature
  • [PLAT-10897] Handling ansible-playbook with a long shebang line
  • [PLAT-10901] Fix typo and make password at least 8 characters long
  • [PLAT-10908] [PLAT-11004] [PLAT-10940] [PLAT-10933] [PLAT-10844] [PLAT-10845] [PLAT-10894] [PLAT-10909] fix RBAC UI issues
  • [PLAT-10911] [PLAT-10630] [] [Azure] Resume universe failed [Custom exit code exception: Could not find last PowerState for VM]
  • [PLAT-10935] Access Key rotation fails for manually uploaded keys
  • [PLAT-11059] Avoid resetting node agent as part of provider edit
  • [PLAT-11073] [PLAT]Remove Backup tablespaces checkbox if YCQL is selected - [PLAT-11149] [PLAT] Disable Backup tablespaces checkbox in Change Retention Period
  • [PLAT-11094] Fix NPE for cases where there are no tablespaces in target universe
  • [PLAT-11102] Fixing replicated-migrate restore
  • [PLAT-11123] [PLAT-11124] Backing up provision_instance.py and node agent certs
  • [PLAT-11130] [UI] [2.20] Fix edit security locators
  • [PLAT-11142] YBA Installer fix java non proxy hosts
  • [PLAT-11173] Replicated migrate failing with custom root directory
  • [PLAT-11196] Set the provider reference in image bundle as part of provider edit
  • [PLAT-11216] Backup script failing on CentOS 7 Fix swaggerGen