Stax local user accounts' multi-factor authentication (MFA) status is now available on the Users page in the Stax Console. This update simplifies the process of identifying local Stax users with MFA enabled.
To explore this feature, visit the Users page in the Stax Console or refer to our Stax API and SDK documentation.
Please note, this status check is not refreshed immediately and can take up to four hours for the updated information to appear.
The NIST Special Publication 800-53 Revision 5 standard can now be enabled in Stax-managed Security Hub using the Stax Console, Stax API, and SDK.
For more information and to get started, see Using Stax-managed Security Hub.
Stax has enhanced the CloudWatch Log metric filters and alarms configured in Stax-managed AWS Management accounts. This update helps customers aiming to align with the latest CIS AWS Benchmark by including new CloudWatch Log metric filters and alarms for the following CIS AWS Benchmark v1.5.0 controls:
4.1 Ensure a log metric filter and alarm exist for unauthorized API calls
4.15 Ensure a log metric filter and alarm exists for AWS Organizations changes
Existing CIS Benchmark v1.2.0 CloudWatch Log metric filters and alarms configured by Stax remain unchanged.
Stax has enabled AWS Cost Optimization Hub, centralizing cost savings opportunities and recommendations for your entire organization within the Management account. Furthermore, Stax configures AWS Compute Optimizer for your tenancy, enriching your optimization findings and recommendations.
To get started, log into AWS in your Stax-managed Management account and navigate to Cost Optimization Hub within the AWS Billing and Cost Management Console.
As announced, Stax has uplifted the Stax-managed Security Hub service, aligning our solution with the newly released AWS Security Hub central configuration capability. Review our guide to understand the change in more detail.
If you have questions or concerns regarding the changes, please reach out by raising a support case.
As announced on 15 December 2023, the following deprecated Stax API endpoints have been removed from stax-au1, stax-us1, and stax-eu1 and are no longer supported by Stax API/SDK:
**- Fetch IDAM Users **GET /20190206/idam/user
**- Fetch IDAM User ** GET /20190206/idam/user/{org_id}
The following endpoints should be used instead:
-** Fetch Stax Users and Federated Users** GET /20190206/users
GET /20190206/users/{user_id}If you have any concerns, please raise a support case.
On 12 February 2024, Stax will implement changes to the configuration of Stax-managed Security Hub. This update will align the Stax-managed Security Hub service with the new AWS Security Hub central configuration capability announced by AWS.
If you have already enabled Stax-managed Security Hub, you will be impacted by this change.
Ensure you review our guide to understand the change, impacts, and actions you need to take before 12 February 2024.
If you have questions or concerns regarding the changes, please reach out by raising a support case.
On 02 April 2024, Stax will deprecate stax2aws versions 1.4.3 and older. These versions of the Stax Command Line Interface (CLI) utilize a device authorization grant solution which is being deprecated.
All users will be required to upgrade to version 1.5.0 of stax2aws on or before 02 ** April 2024 **to continue using the Stax CLI.
In addition, on 02 April 2024, Stax will remove the obsolete device flow resources from Stax-managed security accounts. No customer action is required for this part of the change and we will inform you when this change has been applied.
If you have questions or concerns regarding the changes, please reach out by raising a support case.
Version 1.5.0 of stax2aws has been released. See how to upgrade stax2aws.
Changes:
simplified the OAuth 2.0 device authorization implementation
updated dependencies and security patches