Stax has deprecated its automatic CloudFormation template validation for Workload Catalog items.

When deploying a Workload Manifest file, Stax will validate the structure of the Manifest, ensure that all CloudFormation templates are reachable, and that the CloudFormation templates themselves are valid JSON or YAML. It will no longer query AWS's Validate Template API to validate the CloudFormation template(s) when a manifest is uploaded.

This feature has been deprecated as, in some instances, it prevented deployment of sophisticated Workloads and templates that relied on specific AWS account and region combinations.

The API endpoints affected are:

• Create Workload Catalog Item: stax-au1 stax-us1 stax-eu1

• Update Workload Catalog Item: stax-au1 stax-us1 stax-eu1

Consider leveraging the AWS CLI/API directly when developing CloudFormation templates to ensure their validity.

These changes have been applied automatically by Stax. Should you experience any issues, please raise a support case.

Stax Permission Sets now supports increased limits for Assignments. The maximum number of Assignments for a Permission Set is now 50. Previously this limit was 10.

An assignment defines who can utilize the Permission Set and where. This increase enables you to assign access in a more granular fashion to suit your requirements.

To get started, see Permission Sets in the docs.

An update has been applied to Stax Workloads:

• Fixed enforcement of the maxmimum number of resources (AWS CloudFormation templates) allowed. Previously the limit was not properly enforced.

• The resource limit has been revised to 10 based on customer usage patterns and performance evaluation. See Create a workload manifest for more.

• Improved Workloads resilience to network connectivity issues. Workloads will now re-attempt deployment tasks for up to 20 minutes in situations where network connectivity is impaired.

These changes have been applied automatically by Stax. There is no impact to service expected as a result of this upgrade. Should you experience any issues, please raise a support case.

Stax has released several improvements to the Cost & Compliance module. This enhances the functionality of the Rules page, as well as changes to make the Views capability suit some use cases better.

CIS Benchmark Rules added to Rule Catalog​

Traditionally, the only way to consume Rules from the CIS Benchmark was to enable the entire Rule Bundle. This update enables the individual Rules to be selected and enabled from the Catalog.

Rule Filtering Now Supports Search by ARN Prefix​

When filtering rules by resource Amazon Resource Names (ARNs), you can now search by ARN prefix, allowing for more precise results to be returned. ARN filtering supports matching both the full ARN, or a subset of characters.

Hide Unallocated Segments from Global Filters View​

Stax now supports hiding the default Unallocated segments on the Global Filters menu. This setting is enabled on a per-View basis from the View's settings page.

An update has been applied to Stax Workloads to improve performance and reliability:

• Fixed an issue where the Workloads API would accept invalid characters for the Workload name. Workload names will now be correctly validated against the pattern ^[a-zA-Z][-a-zA-Z0-9]*$. If the Workload name is invalid, the API will return a 400 "Bad Request" response, along with an error payload detailing the schema error.

• Fixed an issue where the Workloads API would accept invalid parameter formats. If an invalid parameter format is provided, the API will now return a 400 "Bad Request" response, along with an error payload detailing the schema error.

These changes have been applied automatically by Stax. There is no impact to service expected as a result of this upgrade. Should you experience any issues, please raise a support case.

The Permission Sets page now allows for deletion of Permission Sets.

When no longer required, Permission Sets can be deleted from the Stax Console. Permission Sets can only be deleted when all Permission Set Assignments have been deleted.

For more information, see Permission Sets in the docs.

The Workloads page now shows deployed workloads in a list.

This improves usability and functionality, while allowing up to 100 deployed Workloads to be displayed at a time. Additionally, you can now click on the View AWS CloudFormation Stack button beside each Workload to log into the Workload's AWS account and view the associated CloudFormation stack.

Customers subscribed only to the Stax Cost & Compliance module can now set notification preferences when inviting new users. Admins can customize the user's default notifications to align with their needs.

After joining Stax, users can manage their notifications and make changes to their preferences.

Permission Sets allows for fine-grained control of permissions when users log in to Stax-managed AWS accounts.

This new feature allows for users in Stax groups to be assigned AWS IAM Policies defining their level of access to accounts in Stax Account Types. Each Permission Set consists of a policy document and a number of (zero or more) assignments. The policy document defines what someone utilizing the Permission Set can do, and the assignment defines who can utilize the Permission Set and where.

To get started, see Permission Sets in the docs.

Version 1.3.1 of stax2aws has been released. This update fixes a bug where stax2aws would report that no roles were available in certain circumstances.

You should upgrade stax2aws to version 1.3.1 or later if you experience this bug.