Release 2026.2.0
Release period: 2026-01-07 to 2026-01-16
This release includes the following issues:
- Display Service Provider Workspace in Marketplace Catalog
- Feature Previews Card On Cloud Foundation Dashboard
- Ignore Azure User Invitation Failures For Blocked Users
- Improved Building Block Event Log Quality
- Fix "Open Workflow" button disabled for released building block definitions
- Fix Platform Workspace Link in Admin View
- Fixed SSH Key Type Mismatch for Self-Hosted Git
- Building Block Configuration for Landing Zones via API
- Fix Duplicate Tenant Usage Reports on Tenant Re-Import
- Fix Building Block Failures With Large Input Variables
- Stricter Authorization for meshLandingZone and meshPlatform API
- Access Management V2 for Partner Admin Area
- Fixed Setting Nullable Fields to Null in meshLandingZone API
- Fixed meshPlatform Link in meshLandingZone API Response
- Fixed Serialization Error for Users Without Keycloak ID
- meshPlatform API Now Requires Non-Empty Endpoint
- Validate ProjectRole References in Landing Zone Creation
- Specify Workspace Ownership for Landing Zones via API
- Clarify AWS Account Name and Alias Pattern Behavior
- Landing Zone Deactivation Terminology Consistency
- Enhanced meshLandingZone API with Lifecycle State Filtering and Information
- Fixed Loading State Display Issue in Tables
- Enhanced meshPlatform API with Lifecycle State Filtering and Information
- meshLocation API Restricted to Admin Access For Modification
- Delete Locations Via meshLocation API
Ticket Details
Display Service Provider Workspace in Marketplace Catalog
Audience: User
Description
The marketplace catalog now displays which workspace provides each service or building block. This makes it easy to identify the platform team responsible for offering each service, especially valuable in multi-unit or collaborative environments where different organizational units contribute to the service landscape.
Feature Previews Card On Cloud Foundation Dashboard
Audience: User
Description
Adds a new card to the Cloud Foundation Dashboard that displays active feature previews and their rollout schedule. This allows you to see which features are available for early access and when they will be rolled out.
How to use
The new "Feature Previews" card is visible on the Cloud Foundation Dashboard. You can view all available feature previews and their rollout dates. Click "View All Feature Previews" to navigate to a detailed overview.
Ignore Azure User Invitation Failures For Blocked Users
Audience: User
Description
When replicating Azure tenants, if a user invitation fails because Azure reports an error when the user is blocked the replication will now continue for other users instead of failing completely. Such failed invitations are reported in the replication system remarks with detailed error messages from Azure, allowing operators to investigate and resolve specific user issues.
Improved Building Block Event Log Quality
Audience: User
Description
We improved the building block event logs by removing redundant events and adding more meaningful ones. Previously, the system created "Building Block Run Requested" events every time a tenant was updated, even when no actual changes occurred. These events cluttered the event log without providing useful information. We now only create events when a building block run actually executes. This makes it easier to track and understand the actual activity of your building blocks.
Fix "Open Workflow" button disabled for released building block definitions
Audience: User
Description
We fixed a bug where the "Open Apply Workflow" and "Open Destroy Workflow" buttons were incorrectly disabled when viewing released building block definitions using GitHub Actions as implementation type.
Fix Platform Workspace Link in Admin View
Audience: User
Description
Fixed an issue where the platform workspace link in the admin view was incorrect. The link now correctly uses the workspace identifier instead of workspace name, ensuring proper navigation to the workspace overview.
Fixed SSH Key Type Mismatch for Self-Hosted Git
Audience: User
Description
We fixed an issue where building blocks using SSH authentication to access self-hosted or private Git repositories would fail with a "key mismatch" error. This occurred when you configured a known host entry with a specific key type (e.g., ssh-ed25519), but the Git server offered a different key algorithm during connection. The building block runner now correctly requests the specific key type you configured in the known hosts field, ensuring successful authentication to your self-hosted Git instance.
Building Block Configuration for Landing Zones via API
Audience: User
Description
The meshLandingZone API now supports configuring mandatory and recommended building blocks. This allows you to define which building blocks should be automatically applied to tenants created in a landing zone, enabling better governance and standardization across your cloud environments.
Fix Duplicate Tenant Usage Reports on Tenant Re-Import
Audience: User
Description
We fixed an issue where re-importing a tenant within the same month it was deleted from meshStack resulted in duplicate tenant usage reports. The system now correctly handles tenant re-imports without creating additional usage reports for the same reporting period.
Fix Building Block Failures With Large Input Variables
Audience: User
Description
Fixed an issue where building blocks would fail with an error when processing large input variables, such as extensive user lists or complex configurations. Building blocks now reliably handle input variables of any size.
Stricter Authorization for meshLandingZone and meshPlatform API
Audience: User
Description
The meshLandingZone and meshPlatform APIs now enforce stricter authorization for non-admin API keys. When using an API key without admin permissions, you can only retrieve landing zones or platforms if your workspace owns that resource or is listed as a contributor. This change improves security by preventing unauthorized access to detailed configuration information of platforms.
Access Management V2 for Partner Admin Area
Audience: User
Description
We have upgraded the access management interface in the partner admin area to version 2. This provides an improved user experience when managing user and group access to your partner workspace. The new interface includes enhanced search capabilities, better visual feedback, and a more streamlined workflow for adding, editing, and removing access.
Note: This change only affects customers who have access to the new access control v2 feature. If you are using the standard access control interface, this change does not apply to you.
Fixed Setting Nullable Fields to Null in meshLandingZone API
Audience: User
Description
We fixed an issue where you could not set optional fields like infoLink to null via the meshLandingZone API.
When updating a meshLandingZone via PUT request with a null value for optional fields (e.g., infoLink),
the API now correctly removes the existing value instead of keeping the old value.
Fixed meshPlatform Link in meshLandingZone API Response
Audience: User
Description
The meshLandingZone API previously returned an incorrect link to the associated meshPlatform. The link pointed to the internal API endpoint instead of the public meshObject API endpoint. This has been corrected, and the meshLandingZone API now correctly references the meshPlatform API endpoint.
Fixed Serialization Error for Users Without Keycloak ID
Audience: User
Description
We fixed an issue where meshStack would fail to display certain pages when user data without a Keycloak user ID was present. The fix ensures that all user-related data is now correctly handled, even when Keycloak IDs are missing.
meshPlatform API Now Requires Non-Empty Endpoint
Audience: User
Description
When creating or updating platforms via the meshPlatform meshObject API, the endpoint field must now be set to a non-empty string. Previously, setting an empty endpoint resulted in errors when attempting to access tenants created on that platform.
How to use
Ensure that the spec.endpoint field in your meshPlatform API requests contains a valid, non-empty URL. This
validation prevents configuration errors and ensures that all platform tenants remain accessible through the panel.
Validate ProjectRole References in Landing Zone Creation
Audience: User
Description
We fixed a bug where landing zones could be created with references to non-existent project roles in their role mappings. Now, when you create or update a landing zone via the meshObject API, meshStack validates that all referenced project roles actually exist. If any project role references are invalid, you'll receive a clear error message listing all missing roles, making it easier to correct the issue in one go.
Specify Workspace Ownership for Landing Zones via API
Audience: User
Description
The meshLandingZone API now supports explicit workspace ownership specification. When creating a landing zone via the API, you must now specify which workspace owns that landing zone. Previously the Landing Zone was always owned by the workspace the API Key belongs to. This enables admins to create landing zones for any workspace, giving you more flexibility in managing landing zones across your organization. Additionally, landing zone contributors are now also able to manage Landing Zones via API.
How to use
Please note that this is a breaking change for users of the v1-preview meshLandingZone API. The metadata.ownedByWorkspace field is now mandatory in all meshLandingZone API requests. If you are already using the v1-preview meshLandingZone API, you must update your API integrations to include this field in the request payload.
Clarify AWS Account Name and Alias Pattern Behavior
Audience: User
Description
The AWS platform configuration now includes enhanced documentation that clarifies the behavior of the account alias pattern setting. The pattern is used to set both the AWS account name during initial account creation and the account alias. However, AWS does not allow the account name to be changed after account creation. This means that any subsequent changes to the account alias pattern only affect the account alias, not the immutable account name.
Landing Zone Deactivation Terminology Consistency
Audience: User
Description
We renamed "disable" to "deactivate" for landing zones throughout meshStack to provide consistent terminology with other meshObjects.
Enhanced meshLandingZone API with Lifecycle State Filtering and Information
Audience: User
Description
The meshLandingZone API v1-preview now supports filtering and retrieval of landing zones based on their lifecycle state. You can now filter landing zones by ACTIVE or DEACTIVATED states using the lifecycleState query parameter.
Note: The previous disabled query parameter has been replaced by the lifecycleState parameter. Landing zones that were previously disabled are now shown with the DEACTIVATED lifecycle state.
Fixed Loading State Display Issue in Tables
Audience: User
Description
We fixed a visual issue where empty placeholders were incorrectly displayed while tables were loading content. Now you will only see the loading indicator during data retrieval, providing a cleaner and less confusing user experience.
Enhanced meshPlatform API with Lifecycle State Filtering and Information
Audience: User
Description
The meshPlatform API v2 now supports filtering and retrieval of platforms based on their lifecycle state. You can now filter platforms by ACTIVE, DEACTIVATED, or DELETED states. Additionally, the platform status now includes the current lifecycle state.
meshLocation API Restricted to Admin Access For Modification
Audience: User
Description
We fixed a security issue where the meshLocation API incorrectly accepted workspace-scoped API keys without proper authorization checks. The API is now only accessible with admin permissions if modifications are done. If you were using workspace-scoped API keys to modify location information, you must now use API keys with admin rights instead.
Delete Locations Via meshLocation API
Audience: User
Description
The meshLocation API now supports deleting locations that have never been associated with platform instances. This enables you to manage the complete location lifecycle programmatically, which is particularly useful for testing infrastructure-as-code implementations like Terraform acceptance tests. You can now create, update, and delete locations as needed to maintain a clean platform configuration.
How to use
Use the DELETE operation on the meshLocation API to remove a location. The API prevents accidental deletion of locations with platform instances. Note that once a location has been associated with platforms (which can only be soft-deleted), the location cannot be removed. We plan to address this limitation in a future release.