131 posts tagged with "Added"

Tagging of Service Control Policies in Stax is now supported in the Stax Console, Stax API, and SDK. Visit Using Service Control Policies in Stax to find out more.

Stax local user accounts' multi-factor authentication (MFA) status is now available on the Users page in the Stax Console. This update simplifies the process of identifying local Stax users with MFA enabled.

To explore this feature, visit the Users page in the Stax Console or refer to our Stax API and SDK documentation.

Please note, this status check is not refreshed immediately and can take up to four hours for the updated information to appear.

The NIST Special Publication 800-53 Revision 5 standard can now be enabled in Stax-managed Security Hub using the Stax Console, Stax API, and SDK.

For more information and to get started, see Using Stax-managed Security Hub.

Stax has enhanced the CloudWatch Log metric filters and alarms configured in Stax-managed AWS Management accounts. This update helps customers aiming to align with the latest CIS AWS Benchmark by including new CloudWatch Log metric filters and alarms for the following CIS AWS Benchmark v1.5.0 controls:

• 4.1 Ensure a log metric filter and alarm exist for unauthorized API calls

• 4.15 Ensure a log metric filter and alarm exists for AWS Organizations changes

Existing CIS Benchmark v1.2.0 CloudWatch Log metric filters and alarms configured by Stax remain unchanged.

Stax has enabled AWS Cost Optimization Hub, centralizing cost savings opportunities and recommendations for your entire organization within the Management account. Furthermore, Stax configures AWS Compute Optimizer for your tenancy, enriching your optimization findings and recommendations.

To get started, log into AWS in your Stax-managed Management account and navigate to Cost Optimization Hub within the AWS Billing and Cost Management Console.

As announced, Stax has uplifted the Stax-managed Security Hub service, aligning our solution with the newly released AWS Security Hub central configuration capability. Review our guide to understand the change in more detail.

If you have questions or concerns regarding the changes, please reach out by raising a support case.

Version 1.5.0 of stax2aws has been released. See how to upgrade stax2aws.

Changes:

• simplified the OAuth 2.0 device authorization implementation

  • support added for native OAuth 2.0 device authorization grant
  • support for custom Stax device flow authorization grant removed

• updated dependencies and security patches

Stax has released a new compliance rule called EC2 instances should not be too old, allowing customers to continuously monitor their EC2 instances’ age based on their organizations requirements. This rule helps align with best practices to ensure the regularly updating, patching and restarting of EC2 instances.

This rule evaluates whether an EC2 instance’s launch time exceeds the specified number of days (Instance Age parameter). The default Instance Age parameter is set to 60 days if no value is specified.

To add any of this new rules to your Organization Rule Bundle, head to the Rules Catalog page.

Stax Tag Compliance Rules now include support for additional resource types, allowing users to track the tag compliance across a wider range of AWS products and services. For a complete list of supported AWS resource types, visit our guide.

Updated Rules

• Resource tag keys should have specified values

• Resource tag keys should not have specified values

• Resource should have specified tag keys

• Resource should not have specified tag keys

New supported resources

• dynamodb-table

• dynamodb-backup

• rds-cluster

• rds-cluster-param-group

• rds-cluster-snapshot

• rds-param-group

• rds-proxy

• rds-reserved

• sns-topic

• sns-subscription

For more information and to get started, see Monitoring Tag Compliance.

Stax has introduced changes to the Fetch ** Stax Users and Federated User(s) API endpoints in **stax-au1, stax-eu1, and stax-us1. This change helps identify Stax users with multi-factor authentication (MFA) enabled.

Update Endpoints:

-** Fetch Stax Users and Federated Users** GET /20190206/users

• **Fetch Stax User and Federated User **GET /20190206/users/{user_id}

The endpoint's response schema (teams) now includes the MFAEnabled parameter. For more information, refer to our Stax API documentation.

Viewing a user's MFA status in the Stax Console will be released in early 2024.