OUs can now be managed from within Stax and SCPs can now be attached to OUs and individual accounts. For more information, see the documentation.

As part of the upcoming release to Manage AWS Organizational Units and Service Control Policies in Stax the following changes will be made to the Policies API Policy method's schema implementation. For a detailed outline of these changes, see the release plan here.

• Removed: Attachableto is no longer defined in the schema

• Removed: Mandatory is no longer defined in the schema

• Removed: Public is no longer defined in the schema

• Renamed: Policy is now defined as Content in the schema

• Changed*:* Status  values are now; ACTIVE, CREATE_FAILED, CREATE_IN_PROGRESS, DELETED, DELETE_FAILED, DELETE_IN_PROGRESS, UPDATE_IN_PROGRESS. Previous values; ACTIVE, DELETED, FAILED

• Added: AwsId is now defined in the schema

• Added: ExternalResource is now defined in the schema

• Added: OrganisationAttachment is now defined in the schema

• Added: PolicyOwner is now defined in the schema

• Added: PolicyType is now defined in the schema

• Added: Tags is now defined in the schema

• Added: UserTaskId is now defined in the schema

The API documentation for the new Policies schema can be found here, with the release of this feature the Policyv2 schema will be renamed to replace Policy.

If you have questions or concerns regarding the changes, please reach out by raising a support case.

The  Australian Cyber Security Centre Essential Eight Rule Bundle is now available to all organizations. This Bundle is designed to help customers fortify their AWS environment against cyber threats and strengthen their security posture.

The new Stax Compliance ACSC Essential Eight Rule Bundle includes 42 controls and 16 new rules.

Add the Bundle to Stax to get going. Once added, Stax will perform an initial evaluation and populate the Rules page with new results. You can filter the page to show only results from the Essential Eight bundle if preferred. Alternatively, to add any of the new rules to your Organization Rule Bundle, head to the Rules Catalog page.

The 0.1.0 release of the Stax Terraform provider marks the completion of support for the initial set of Stax resources.

Guidance for common tasks using the Terraform provider is available on the Terraform Registry:

1. Getting Started with Permission Sets

2. Importing Existing Stax Resources into Terraform

For more information and to get started, see About the Stax Terraform Provider.

Stax has released a new version of the Cost & Compliance module's service and billing roles, version 33. The following permissions have been added to the roles:

• backup:Describe*

• backup:Get*

• backup:List*

• cloudtrail:List*

• waf-regional:Get*

• waf-regional:List*

If your AWS accounts are Stax-managed, then you don't need to take any action. Stax will automatically update this role in the coming days.

If you're subscribed only to the Stax Cost & Compliance module, you will need to apply the update yourself.

For any questions about this change, or if you need assistance deploying the updated role, please raise a support case.

The latest v0.0.7 release of the Stax Terraform provider (Developer preview) now supports managing Users and Group Membership using Terraform. Customers can create Users, associate them with a group and then use this group with a permission set to grant access to AWS accounts, all from Terraform.

For more information and to get started, see About the Stax Terraform Provider.

A new Rule "S3 block public bucket account setting should be enabled" has been introduced to the S3 Best Practice Version 1.1 and PCI DSS Rule Bundles.

The rule checks whether the block public access setting is enabled at the account level.

To add this rule to your Organization Rule Bundle, head to the Rules Catalog page.

The National Institute of Standards and Technology (NIST) Privacy Framework Rule Bundle is now available in private preview. This Bundle is designed to help organizations improve their privacy practices through effective risk management. To learn more about the private preview, refer to our guide.

Stax has released a new version of the Cost & Compliance module's service and billing roles, version 32. The following permissions have been added to the roles:

• backup:GetBackupSelection

• backup:ListBackupPlans

• backup:ListBackupSelections

If your AWS accounts are Stax-managed, then you don't need to take any action. Stax will automatically update this role in the coming days.

If you're subscribed only to the Stax Cost & Compliance module, you will need to apply the update yourself.

For any questions about this change, or if you need assistance deploying the updated role, please raise a support case.

The latest v0.0.5 release of the Stax Terraform provider now supports managing permission sets using Terraform. Customers can create Permission Sets, then link them to a Stax Account Type and Stax Group.

For more information and to get started, see About the Stax Terraform Provider.