Environment Details

Last modified: March 13, 2024

1 Introduction

To open the Environment Details page, go to the Developer Portal and click Environments on your licensed app. Then click Details ( ) by the environment you want to view.

The Details icon is on the right side of the row

The Environment Details page shows information about the selected environment. You can use this page to manage and debug several aspects of the environment. The page has eight tabs: General, Model Options, Network, Log Levels, Runtime, Maintenance, Tags, and Services.

2 The General Tab

In the General tab, you can find the following information about your environment:

  • Status
    • – the application in this environment is running
    • – no application has been started yet in this environment, or it has been turned off
    • – the application in this environment is unstable and probably not usable anymore
  • Running since – the date the app was started, if it is running
  • Name – the type of environment (Acceptance, Production, Test, or the name of a flexible environment); for more information, see the Naming of Environments section below
  • Url – the URL of the app
  • Project ID – the unique identifier of the app
  • Environment ID – the unique identifier of the environment
  • Custom domains – any custom domains of the app
  • Java Version – Oracle version 1.8, AdoptOpenJDK version 11, or Eclipse Temurin JDK 17
  • Studio Pro Target
  • Plan – the type of plan covered by your license (for more information, see the Overviews section below)
  • Instances – a summary of the number and memory allocation of instances of the environment (for more information, see the Scaling section below)
  • Database Version – the PostgreSQL version supporting the database
  • Region – the region where the app is hosted
  • Secondary Backup Location – the region where the backup is stored
  • Mendix Cloud Version – the version of Mendix Cloud where the app is hosted

At the bottom of the page, there are three overview grids showing the deployment package details, plan details, and license. These are described in detail below in the Overviews section.

2.1 Actions

On the right side of the screen in the General tab, there are buttons that you can use to perform various actions. Some action buttons are visible when your app is running, some are visible when your app is stopped, and some are always visible.

When your app is running, you can see the following action buttons:

Available actions when the app is running
  • Restart Application – This stops the running application and starts it again. Restarting your app is required for applying new constant values or scheduled events to the environment.
  • Stop Application – This stops the application.
  • Show Logged in Users – This shows all users who are logged in to your app.
  • Change Admin Password – This changes the password for the built-in administrator account. The new password is applied immediately, without the need for a restart, and forces the administrator to pick up any new roles assigned in the app deployment package.
  • View Live Log – This shows a live log for your application. It is identical to the View Live Log button on the Logs page.
  • Show Debugger Information – This shows the settings needed to connect the debugger in Studio Pro to your app. For more information on debugging in the cloud, see How To Debug Microflows Remotely.
  • Show Running Now – You can use this to monitor all actions that are currently running in your environment.

When your app is stopped, you see this set of action buttons instead:

Available actions when the app is stopped
  • Start Application – This starts the application.
  • Stop Application – This stops the application.
  • Clear Environment – This allows you to empty all the data from your database and, optionally, remove the app and file storage from the environment as well. For more information, see Clearing an Environment.
  • View Live Log – This shows a live log for your application. It is identical to the View Live Log button on the Logs page.

2.1.2 Clearing an Environment

The Clear Environment button lets you clear your environment so that you can use it for another purpose. This option is only available if the environment is stopped.

To clear your environment, follow these steps:

  1. Click Clear Environment.
  2. Select one of the following options:
    • Only clear the database – This empties all data from your database. After you confirm the deletion, the application is stopped, the existing database is deleted, a new database is created, and the application is restarted. Ensure you have a backup of any data that you want to keep.
    • Clear the full environment (model and database) – This clears all data from your database and file storage. It also removes your app from this environment. Clear the full environment if you want to deploy a different app to the environment.
  3. Confirm that you want to clear your environment by typing the indicated text (clear database or clear model and database, depending on which option you selected).
  4. Click Clear Environment.
Clear Environment options and confirmation

2.2 Naming of Environments – Flexible Environments in Mendix Cloud

If you are the app’s Technical Contact, you can rename the environments.

To rename the environment, follow these steps:

  1. Click Change next to the name of the environment.
  2. Enter the new name, which must meet the following requirements:
    • Consists of at least two characters
    • Consists of only alphanumeric characters and hyphens (a-z, A-Z, 0-9, and -)
    • Does not begin or end with a hyphen

2.3 Scaling

To see the options for changing scaling, scroll down to the Instances section of the General tab and click Change scaling.

In the Change scaling dialog box, there are two sliders that you can control:

A sample view of the Scaling page
  • Use the Instances slider to increase or decrease the number of instances
    • The instances are meant for improved resiliency and increased processing power
    • The minimum amount of RAM per instance is 1 GiB; you can spread the RAM among four instances if you have more than 1 GiB of RAM
  • Use the Memory per instance slider to increase or decrease the memory amount per instance

The Total Allocated Memory is a process circle that shows how much memory is currently used for scaling.

If you have 1 GiB RAM of total allocated memory, you have one instance available to store your memory. To scale your memory over multiple instances, you need more memory.

For more information, see Scaling Your Environment.

2.4 Overviews

At the bottom of the General tab, there are three overview grids showing the deployment package details, plan details, and license.

2.4.1 Deployment Package Details

In this section, you can find information about the deployment package that is loaded into the environment:

  • Name of the deployment package
  • Version of the deployment package
  • Runtime version of Mendix used to create the app
  • Size (MB) of the deployment package
  • Upload date of the deployment package

2.4.2 Plan Details

This section shows details of the plan that applies to this environment.

2.4.3 License

The license overview contains the following information:

  • Company – who owns the license
  • Is Production – indicates if the environment is licensed as a production environment
  • Runtime mode – Production, Acceptance, or Test

3 The Model Options Tab

On this tab, you can edit the following model options: scheduled events and constants.

3.1 Scheduled Events

In this section, you can view your configured scheduled events.

If you select a scheduled event and click Toggle, you can switch the scheduled event off and on.

With scheduled events, you can let the Mendix Runtime run a microflow at a specific moment in time. The event can also be repeated with a given interval; for example, you can set it to repeat every day.

For more information, see Scheduled Events.

3.2 Constants

In this section, you can view the configured constants. Constants are used to define configuration values that can differ per environment.

To fill in a new value, select the constant and click Edit to bring up the Edit Constant dialog box.

In the Edit Constant dialog box, you can change the constant value using the New value field.

You can also set Mask to Yes. This changes the display settings for Current value and New value; if masking is enabled, all screens in the Developer Portal (and in Excel if you export the constants) conceal these values and display a string of asterisks in their place. This lets you keep your constants secret from users who do not have edit rights.

Edit Constants Pop-up window

For more information, see Constants.

4 The Network Tab

On the Network tab, you can manage the elements described below.

4.1 Custom Domains

  • Domain name
  • Certificate
  • Expire date

You can perform the following actions:

  • Add – provide the domain name and select the certificate from a drop-down menu
  • Edit
  • Delete

For more information, see Certificates and Custom Domains.

4.2 HTTP Headers

The HTTP Headers section lets you set the values of selected HTTP response headers. These headers allow the server to pass additional information with the response, which the browser interprets to control the behavior of your Mendix app.

Mendix Cloud supports the following HTTP headers in the Developer Portal:

Header Description
Access-Control-Allow-Origin Indicates whether the response can be shared with requesting code from the given origin.
Content-Security-Policy Allows website administrators to control resources the user agent is allowed to load for a given page. Requires a string value.
For more information, see Content Security Policy, below.
Origin-Trial Used to enable experimental web platform features for your environment as part of Google’s Origin Trials program.
Referrer-Policy Governs which referrer information should be included with requests made.
X-Content-Type-Options Indicates that the MIME types advertised in the Content-Type headers should not be changed and be followed.
X-Frame-Options Indicates whether or not a browser should be allowed to render a page in a <frame>, <iframe>, <embed>, or <object>. The default is not to allow apps to be rendered inside frames. This was the value set previously to prevent embedding in an iframe.
For details on running your app inside an iframe, see Running Your App in an Iframe, below.
X-Permitted-Cross-Domain-Policies Specifies whether the page can load resources from a different domain.
X-XSS-Protection Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks.

There are three types of values for these headers:

  • Choose a value from a drop-down menu:

    Selecting a value
  • Choose a value from a drop-down menu and specify a URL:

    Specifying a URL
  • Enter the required values as a string:

    Entering a value

The changes to the headers are implemented when the app is redeployed.

For more information, see HTTP Headers.

4.2.1 HTTP Response Headers Inserted Automatically

Mendix and the deployment environment automatically add some non-configurable response headers. These are listed below.

Response Header Added In
cache-control The buildpack for index.html and login.html – the Mendix Runtime for other pages
permissions-policy: interest-cohort=() Exclude from Federated Learning of Cohorts (FLoC) calculation
strict-transport-security TLS terminating webservers – set to max-age=31536000 (365 days, in seconds)
x-vcap-request-id Cloud Foundry to track requests through CF

4.2.2 Running Your App in an Iframe

Most browsers have additional security to ensure that iframes are only allowed when they are from the same domain as the main page. The defaults for these vary by browser version. This security is controlled through SameSite cookies. For more information, see SameSite Cookies Explained.

4.2.2.1 Using Custom Domains

To avoid security issues when you want to embed the app in an iframe, use custom domains. This way, you can ensure that the app you want to embed is part of the same domain. For example, if your page is mainpage.domain.name, then the app embedded in the iframe should be appname.domain.name.

4.2.2.2 Applying a Different SameSite Setting

From Studio Pro 8.12, you can control the value of SameSite in your cookies. The default for all cookies depends on the version of Mendix you are using:

  • For Studio Pro 8 (8.12 and above), the default is SameSite=None, which means that they can be used in an iframe
  • For Studio Pro 9.0 and above, the default is SameSite=Strict, which means that they cannot be used in an iframe

You can change this value in the com.mendix.core.SameSiteCookies custom runtime setting if you want to change iframe restrictions for your app.

For Mendix 8.11 and below, there was no SameSite value set on cookies, and the behavior depended on the browser default. To ensure that cookies can be used within iframes, you can set the custom environment variable SAMESITE_COOKIE_PRE_MX812 to true in the Custom Environment Variables section; this sets SameSite=None; Secure; for all your cookies.

4.2.2.3 Using Custom Sign-In Pages

If you use a custom sign-in page, the originURI cookie is normally set in the index.html file. If your Mendix app runs within an iframe, set this cookie with the SameSite=None and Secure attributes.

To do this, find all the places in your theme folder where this cookie is set. It looks like document.cookie = "originURI=/login.html". Change this to add the required attributes. Here is an example:

1
document.cookie = "originURI=/login.html" + (window.location.protocol === "https:" ? ";SameSite=None;Secure" : "")

4.2.3 Content Security Policy

A Content Security Policy informs the client (browser) where your page loads resources from. Setting this can make your app more secure by declaring trusted sources for your resources. For more information, see the W3C recommendation Content Security Policy Level 2.

The process for setting a full content security policy depends on what your app does. However, a starting point that declares the content security policy that works with a basic Mendix app is given below:

default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' ; font-src 'self' https://fonts.gstatic.com data: ; img-src 'self' data: ; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com ; base-uri 'self' ; form-action 'self' ; object-src 'none' ; frame-ancestors 'self' ;

If you have issues that appear to be related to a content security policy, you can use the console of your browser to investigate them.

4.3 Outgoing Connections Safelisting (Mendix Cloud Dedicated)

If you are deploying your apps to Mendix Cloud Dedicated, all outgoing IP addresses are allowed by default.

If you clear the Allow all outgoing connections checkbox, you can define which IP addresses and ports can be used for outgoing connections.

You can add or edit multiple different IP address and port combinations. Any ranges that have already been set up are listed here. You can do the following:

  • To remove any restrictions, select Allow all outgoing connections. To impose restrictions, clear Allow all outgoing connections.
  • To add a new range, click New.
  • To edit a range, select an existing range and click Edit.
  • To delete a range, select an existing range, click Delete, and then confirm that you want to delete it.

4.3.1 Managing a Safelist Range

For each range where you define safelisted IP addresses and ports, you can enter the following information:

  • Name – Enter a name to identify this range (for example, 192 Group).
  • IP – Specify an inclusive range of safelisted IP addresses in IPv4 format (for example, 142.251.39.1 to 142.251.39.255). All the IP addresses must be in a public range (see Valid IP Ranges, below). All addresses between the Start address and the End address are safelisted, including the start and end addresses. If you want to safelist a single address, make the start and end addresses the same.
  • Port – Specify an inclusive range of ports that are safelisted for the IP range above (for example, 80 to 5000). You can use several safelist entries if you want to safelist different port ranges for the same IP range.
  • Protocol – Select whether the safelisting is for TCP, UDP, or ALL traffic.
  • Description – Enter an optional description of this IP range (for example, which API it supports).

Click Save to save your range. The new values are applied within a few minutes without needing an app restart.

4.3.2 Valid IP Ranges

IP addresses must be within the following ranges:

IP Start IP End
0.0.0.0 9.255.255.255
11.0.0.0 169.253.255.255
169.255.0.0 172.15.255.255
172.32.0.0 192.167.255.255
192.169.0.0 255.255.255.255

4.4 Path-Based Access Restrictions

You can restrict access to your application by means of Client Certificates or IP ranges.

The top-level path (/) restricts access to the entire application. Settings for specific paths override the implicitly inherited profile for the top level.

Custom access restriction profiles are managed at the application level. They can be reused for all environments (acceptance, production, etc).

The Path Based Access Restrictions overview contains the following information:

  • Path
  • Current Restriction Profile
  • New Restriction Profile

You can Delete a path or you can Add and Edit a path with the following restriction types:

  • Allow all access
  • Deny all access
  • Custom Profile for Client Certificates and/or IP ranges
  • N/A (inherit)

For more information, see How to Restrict Access for Incoming Requests.

4.5 Outgoing Connections Certificates

Add client certificates (in the PKCS12 format) or certificate authorities (in the PEM format). These are used when your application initiates SSL/TLS connections.

5 The Log Levels Tab

Log levels are used to distinguish the log messages. Log levels highlight the highest-priority log messages so that they can be prioritized accordingly.

Viewing the log levels

Custom log nodes appear in the list only after a message has been logged to them. For more information, see Log Message.

On this tab, you can perform the following actions:

  • Change the log level by selecting a node, clicking Change level, and modifying the level in the Change log level dialog box
    Selecting the log level type
  • Click Set all to Info to revert all the changes

When using the Log Levels tab, bear in mind the following considerations:

  • If your app is not running, the tab only shows log nodes that are set to a level other than Info. Log nodes that are set to the Info level become visible when your app is restarted.
    • For custom nodes, log nodes become visible when your app is restarted and after messages have been logged to them.
  • If you change the log level, this level will continue to be used even if you later restart your app.
  • If you change the log level, the startup logs (the logs that are created while starting the runtime, including the logs that the after-startup microflow generates) are not affected. It is not possible to change the log level of the startup logs for apps hosted on Mendix Cloud.
  • For an application running a single instance, any changes are applied immediately to the application.
  • For an application running more than one instance, the changes can only be applied after a restart of the app. This is because it is not possible to instruct the load balancer to set the log level for a specific running instance.
  • Log levels may not persist across restarts if you change them outside the Developer Portal (for example, using an app module).

The log level types are as follows:

Level Color Description
Trace Provides highly detailed information. Trace level messages are written only to logs.
Debug Provides detailed information, typically of interest only when diagnosing problems.
Info Confirms that things are working as expected.
Warning Orange Indicates that something unexpected happened or warns about an upcoming problem (for example, “disk space low”). The application is still working as expected.
Error Red Indicates a serious problem that prevented the application from performing some function.
Critical White text, red background Indicates that a serious error has occurred; the application may be unable to continue running.

For more information about log levels, see How to Set Log Levels.

6 The Runtime Tab

On the Runtime tab, you can add Custom Runtime Settings and Custom Environment Variables.

Viewing the Runtime tab

6.1 Custom Runtime Settings

Use the Custom Runtime Settings section to perform the following actions:

  • Add a new runtime setting with a new value
  • Edit the runtime setting
  • Delete the runtime settings

For more information about runtime settings, read the Runtime Customization and Advanced Custom Settings in Mendix Runtime documentation.

Mendix Cloud uses runtime settings to configure the included systems for logs, backups, and database. Therefore, the following settings are not configurable by users:

  • CACertificates
  • ClientCertificatePasswords
  • ClientCertificates
  • com.mendix.core.localfilesystem.cleaning.isEnabled
  • com.mendix.core.localfilesystem.cleaning.time
  • com.mendix.storage.azure.*
  • com.mendix.storage.s3.*
  • DatabaseHost
  • DatabaseJdbcUrl
  • DatabaseName
  • DatabasePassword
  • DatabaseType
  • DatabaseUserName
  • DatabaseUseSsl
  • JavaKeyStorePassword
  • LogFileName
  • MaxLogFileCount
  • MaxLogFileSize
  • MyScheduledEvents
  • OracleServiceName
  • ScheduledEventExecution
  • TempPath
  • WebServiceClientCertificates

6.2 Custom Environment Variables

Use the Custom Environment Variables section to add, edit, or delete an environment variable.

Unlike the Custom Runtime Settings section, most of the variables you add are chosen from a drop-down list.

Click Add and select Supported to choose from the following variables:

  • APPMETRICS_TARGET – This enables sending application runtime and custom business metrics to HTTP endpoints of different monitoring solutions, such as InfluxDB, while ignoring micrometer endpoints.
  • DD_API_KEY – This is the API key used with Datadog.
  • DD_SITE – This directs metrics to a specific Datadog region.
  • DATABASE_CONNECTION_PARAMS – These are additional JDBC parameters for PostgreSQL databases. For more information, see the Mendix Cloud Foundry Buildpack.
  • JVM_GARBAGE_COLLECTOR – This overrides the automatic configuration of the Java garbage collector. Accepted values are Serial or G1.
  • METRICS_AGENT_CONFIG – This passes a configuration JSON to control the metrics passed to Datadog.
  • SAMESITE_COOKIE_PRE_MX812 – This sets SameSite=None;Secure for all cookies coming from the Mendix runtime, as described in the Running Your App in an Iframe section.
  • USAGE_METRICS_EMAIL_FIELDS – If your app uses specializations of the System.User entity to store users, use this variable to point to them. This enables Mendix to identify internal and external users of your app.
    • The value of this variable is in the format Module.Entity.Attribute, where Module is the module of your app that contains the Entity that is a specialization of System.User and Attribute is the attribute that contains the email address of the user.
    • If you have multiple specializations of System.User, you can specify the values in comma-separated format (that is, Module1.Entity1.Attribute1,Module2.Entity2.Attribute2,…,ModuleN.EntityN.AttributeN). In the following example, there are two specializations identified: Administration.Account.Email,MendixSSO.MendixSSOUser.EmailAddress.

To support features that are in beta, click Add and select Unsupported. Then, you can add an unsupported environment variable. Unsupported environment variables can only be used for controlling Mendix beta features. If you are involved in using a beta feature, you will be informed what Name and Value to enter.

7 The Maintenance Tab

You can use the Maintenance tab to view information about planned maintenance. You can also configure your preferred maintenance window.

Viewing the Maintenance tab

There are two types of maintenance:

  • Regular weekly maintenance does not affect your app. During regular weekly maintenance, you can change the preferred maintenance window.
  • Planned maintenance affects your app in some ways. You will automatically receive an email about any planned maintenance, and you can override the maintenance window if necessary.

For more information about configuring maintenance windows, see the Configuring Maintenance section of the Maintenance Windows page.

7.1 Preferred Maintenance Window

You can view and change your preferred maintenance window in this section.

7.2 Planned Maintenance

When a maintenance operation is planned, it appears under Planned Maintenance. By default, this is planned in your preferred maintenance window. To override the maintenance window of a specific maintenance operation, click Override.

8 The Tags Tab

You can set tags on your environment. Tags are arbitrary strings that are not interpreted by the Developer Portal.

Viewing the Tags tab

Tags serve two purposes:

  • Custom tags can be added to metrics for third-party metrics solutions
  • Tags can serve as selection criteria for grouping environments into a landscape management dashboard, which can be used for third-party logging solutions

For example, you may wish to use tags when logging with Datadog. For more information, see Getting Started with Tags.

9 The Services Tab

You can enable and disable custom services for individual environments of your app. The service that you want to enable must have been enabled for the app by its Technical Contact. For more information, see Services.

In the Services tab, the Technical Contact can decide which custom services can be used in each environment of this app.

9.1 Available Services

One custom service is available: Mendix Event Broker. This service is required to use Mendix Business Events on production apps.

9.2 Enabling Custom Services

Custom services are only available if the app’s Technical Contact has enabled them. The custom services are enabled or disabled separately for each environment of each app. For more information, see Services in the Environments documentation.