Added
View All Tags
In addition to Stax's recent updates to AWS credits support, the Data page now shows each credit item's description.
Now, when you filter by Kind: credit, you can review the Item Description column to see an explanation of the credit as provided by AWS. Additionally, grouping by the Item Description column allows for a summary by credit type to be displayed. This enables much greater insight into your AWS credits than ever before.
You can now use Stax to provision your Site-to-Site VPN resources and manage connectivity from your on-premises environment to your Stax Networks. You can deploy an AWS VPN Customer Gateway and share the connection to your Stax Hubs and VPCs, depending on your network requirements.
Stax Networks supports Virtual Private Gateway and Transit Gateway Site-to-Site VPN Connections.
With a Transit Gateway Site-to-Site VPN Connection, your VPN Customer Gateway is connected to your Networking Hub's Transit Gateway, providing connectivity to all VPCs within your Hub.
You can also connect your VPN Customer Gateway to an individual VPC's Virtual Private Gateway to provide direct connectivity.
For more information about Stax Networks and Site-to-Site VPN, check out the docs.
Sometimes you may wish to grant a user full access to the Cost & Compliance components of Stax without also granting access to the Accounts, Networks and Workloads functionality. A new role has been introduced to permit this.
Users who have their role in Stax set to Cost & Compliance Admin can administer Cost & Compliance module features. They have read-only access to all the other components of Stax.
For more information on the roles available within Stax, see Accessing Stax.
Stax has released an officially supported Command Line Interface (CLI) for AWS access called stax2aws.
This replaces the existing command line-based access that required use of unsupported tooling.
Leveraging Open Authentication Standards and the Stax Identity Broker, Stax now provides a native client that supports the ability to initiate a request for temporary AWS credentials from the CLI without complex tooling and intimate knowledge of your company’s corporate identity setup.
Check out the guide to getting started with stax2aws.
Stax's Cost & Compliance Rule Bundles functionality now provides versioning to support the addition and removal of rules within a bundle, as well as to stay aligned to industry standards.
You can use this feature in two ways:
Stay locked to a version by turning off Auto updates. Until you manually activate a different version, nothing will change
Opt in to Auto updates, and we will automatically upgrade you to the latest version when one becomes available. You may always downgrade to a previous version at any stage, and any compliance history will be preserved.
In this initial release, the following Rule Bundles have new versions available: - CIS Benchmark (both 1.2.0 and 1.3.0) - S3 Best Practice - SNS Best Practice - SQS Best Practice
Navigate to the details page for each Rule Bundle to see a more detailed changelog that outlines exactly what has changed:
We're always working to improve Stax to make it more useful for our customers. Today, two new features have been released for Networks in the Stax Console, with the aim of making networking features more accessible.
The VPCs page now shows which items have been configured for all your VPCs at a glance. Without inspecting each VPC individually, you can now see when the following VPC Config items are enabled:
Internet Gateway (IGW)
NAT Gateway (NGW)
Virtual Private Gateway (VPGW)
CloudWatch VPC Flow Logs (CFL)
The full name of VPC Config item can be viewed by hovering your mouse cursor over the label.
When you create or edit a Networking Hub or VPC using [Stax Networks]((/hc/en-us/articles/4452164778383), you can now choose to enable CloudWatch Logs for VPC Flow Logs in the Stax Console.
When you enable this feature, Stax will automatically save your VPC's flow logs to CloudWatch Log Groups. These logs reside in the same account as your VPC or Transit VPC, making them easy to access when working with the VPC in question.
We'd love to hear what you think of these new features. If you have any questions about these new features, please raise a support case with your thoughts.
Stax has added a new Stax Workload default parameter, StaxAwsOrgId, to allow access to your AWS Organization ID when deploying Stax Workloads.
Use this new parameter to easily access your AWS Organization ID value to allow Organization-wide IAM permissions.
For more information on using AWS Organizational IAM permissions, see this blog post from AWS.
The following example grants s3:GetObject on a S3 bucket access to all accounts in your AWS Organization. ```yaml AWSTemplateFormatVersion: "2010-09-09" Parameters: StaxAwsOrgId: Type: "String" Resources: S3Bucket: Type: "AWS::S3::Bucket" Properties: BucketName: "my-s3-bucket" S3BucketPolicy: Type: "AWS::S3::BucketPolicy" Properties: Bucket: !Ref S3Bucket PolicyDocument: Statement: - Action: - "s3:GetObject" Effect: Allow Resource: Fn::Join: - "" - - "arn:aws:s3:::" - !Ref S3Bucket - /Principal: "" Condition: StringEquals: aws:PrincipalOrgID: - !Ref StaxAwsOrgId
Stax has added new functionality to the Data page which allows you to group your costs.
With this new functionality, you can quickly and easily drill into the different areas of your AWS spend. Group your costs by pre-configured views, AWS accounts, tags values, or any other field on the Data page.
Multiple groups can be applied. Some scenarios of this which we have found helpful include:
Grouping by account and then by service for a quick breakdown of the how we are using AWS
Filtering to RDS and grouping by ARN to view the costs of our specific databases
Grouping by kind to show the breakdown between AWS credits, saving plan charges, and our usage
Stax has made changes to the Stax Workloads API to make it easier to find Workloads you have deployed into your Stax-managed AWS accounts. These filters are available in the API and the SDK.
The new filters available are:
| Filter Name | Description | | --- | --- | | account_names | Comma-delimited list of Stax Account Names. Returns all Workloads deployed to these Accounts Names. | | account_types | Comma-delimited list of Stax Account Types. Returns all Workloads deployed to these Account Types. | | account_ids | Comma-delimited list of Stax Account IDs. Returns all Workloads deployed to these Account IDs. | | catalogue_names | Comma-delimited list of Stax Workload Catalogue Names. Returns all Workloads deployed with these Workload Catalogue Names. | | catalogue_ids | Comma-delimited list of Stax Workload Catalogue IDs. Returns all Workloads deployed with these Catalogue IDs. | | catalogue_version | Only return Workloads launched from this Stax Workload Catalogue Version (eg. 1.0.0). Requires catalogue_ids to also be provided. |
GET https://api.au1.staxapp.cloud/20190206/workloads?account_types=billing
GET https://api.au1.staxapp.cloud/20190206/workloads?catalogue_ids=b5e1c1a5-ee96-4ea3-8343-8704f5f67596&catalogue_version=2.0.1
Stax has updated the Global Filters drop-down to include data that you are needing access to every day or every week. With this change, you will be able to quickly scan through the list of Views and Segments that you use the most and quickly change between them. By adding this functionality, we've removed a few unnecessary clicks each and every time you want to change the data that you are looking at.