You can now use Stax to manage peering between your Stax Networking Hub and another Stax Networking Hub, or with a standalone AWS Transit Gateway. Read more.

A new Rule has been released to allow organizations to validate that Security Hub is enabled in all Stax-managed AWS accounts in all regions with active resources.

To enable this Rule, see Add a Rule from the Catalog.

The Stax team is aware of the recently disclosed vulnerability within the popular Java Spring Framework and related software components being referred to as Spring4Shell (CVE-2022-22965).

Stax’s security and development teams have analysed the components of Stax that are Java based. Despite the Spring Framework being present in the codebase, no usage of known vulnerable functions was identified.

Stax is continuing to monitor the situation and related component announcements.

The customer carbon footprint tool is now available in all Stax-managed AWS Organizations.

Managing Views in Stax is now simpler with improvements released today. A Manage Segments button has been added to simplify adding, editing, and deleting a View's segments. For multi-dimensional Views, the interface has been simplified to rename Dimensions to Columns and Conditions to Rows. This makes it easier to understand your multi-dimensional Views and how they will be segmented.

Version 1.2.0 of the Python SDK has been released.

This change sets the default logging level from DEBUG to INFO. It also removes the configuration of loggers that were out of scope of this SDK, such as boto3, botocore, nose and urllib3. Previously these loggers were being configured to level WARNING. Users of the SDK should check and ensure the logging of these libraries is configured to their desired level.

See Stax Python SDK for more details.

Compute Optimizer is now enabled in the management account of Stax-managed AWS Organizations as part of Stax Assurance. All accounts within the AWS Organization are opted in to the service.

EC2, EC2 AutoScaling, EBS, and Lambda recommendations are exported to the logging account weekly. The recommendations are exported on Sundays at 2200 UTC (0900 Monday AEDT).

Access the Compute Optimizer Dashboard in the logging account to see Compute Optimizer's recommendations.

An update has been applied to the Rules module to improve collection accuracy:

• Fixed an issue with how Stax implements rule result collection in the Rules module, where resources were not being accurately matched against Rules. This was resulting in false negatives and false positives for a small number of resources.

These changes have been applied automatically by Stax. There is no impact to service expected as a result of this update. You may notice a small change in the number of resources accurately passing or failing.

Should you experience any issues, please raise a support case.

Stax now supports disabling invitations for local users. A local user is one which does not authenticate via a configured Single Sign-On Identity Provider (SSO IdP).

By default, administrators of a Stax tenancy can invite users directly to Stax, at which point they can create a password and log into Stax. Alternatively, administrators can grant users access to Stax via the organization's SSO IdP. Users logging in to Stax via Single Sign-On are created just-in-time and do not need to be invited to Stax first.

If you wish to disable the ability for administrators to invite new local users to Stax, please raise a support case.

See Enforce Single Sign-On for more detail.

For Stax-managed AWS Organizations with an account ownership model whereby the management account is owned by a reseller, AWS Backup can now be configured in member accounts.

For those with customer-owned management accounts, AWS Backup has been configurable for some time. If AWS Backup is already enabled, no change has been made.

If not already enabled, the cross-account feature of AWS Backup has been enabled for all member accounts in Stax-managed AWS Organizations. This allows for secure copying of backups across one or more AWS accounts in your AWS Organization.