134 posts tagged with "Added"

Stax has released a new compliance rule called EC2 instances should not be too old, allowing customers to continuously monitor their EC2 instances’ age based on their organizations requirements. This rule helps align with best practices to ensure the regularly updating, patching and restarting of EC2 instances.

This rule evaluates whether an EC2 instance’s launch time exceeds the specified number of days (Instance Age parameter). The default Instance Age parameter is set to 60 days if no value is specified.

To add any of this new rules to your Organization Rule Bundle, head to the Rules Catalog page.

Stax Tag Compliance Rules now include support for additional resource types, allowing users to track the tag compliance across a wider range of AWS products and services. For a complete list of supported AWS resource types, visit our guide.

Updated Rules

• Resource tag keys should have specified values

• Resource tag keys should not have specified values

• Resource should have specified tag keys

• Resource should not have specified tag keys

New supported resources

• dynamodb-table

• dynamodb-backup

• rds-cluster

• rds-cluster-param-group

• rds-cluster-snapshot

• rds-param-group

• rds-proxy

• rds-reserved

• sns-topic

• sns-subscription

For more information and to get started, see Monitoring Tag Compliance.

Stax has introduced changes to the Fetch ** Stax Users and Federated User(s) API endpoints in **stax-au1, stax-eu1, and stax-us1. This change helps identify Stax users with multi-factor authentication (MFA) enabled.

Update Endpoints:

-** Fetch Stax Users and Federated Users** GET /20190206/users

• **Fetch Stax User and Federated User **GET /20190206/users/{user_id}

The endpoint's response schema (teams) now includes the MFAEnabled parameter. For more information, refer to our Stax API documentation.

Viewing a user's MFA status in the Stax Console will be released in early 2024.

Stax-managed Security Hub now supports the NIST Special Publication 800-53 Revision 5 standard in all Stax-supported regions. This NIST standard can be activated in Stax-managed Security Hub using the Stax API and SDK. Stax Console support for the standard will be available in early 2024.

Stax Workloads are now deployable in any region enabled within the Foundational Service Stax-managed AWS Regions. When initiating a new workload deployment through the Stax Console or SDK, you can choose from default and enabled opt-in regions, such as Melbourne (ap-southeast-4). Visit our help docs for a comprehensive list of all currently supported AWS regions.

Stax now supports enabling AWS opt-in Regions for your Stax tenancy. Configuring an opt-in Region, such as Melbourne (ap-southeast-4), enables the region for all accounts within your Organization and brings them in line with security and best practices through the Stax Assurance process.

See Using Stax-managed AWS Regions for details on configuring AWS opt-in Regions.

Stax Rule Bundles now provide AWS Console remediation guidance, offering organizations actionable steps to address rule violations and maintain compliance. Refer to our guide for more details.

To gain detailed insights into your AWS cost information, or to feed billing information into third-party tools, you can now opt-in to have your Stax-managed AWS Cost and Usage Reports (CURs) exported directly to an S3 bucket in your AWS Organization's logging account. To find out more, see Opt-in to Stax-managed CUR export to the Logging Accountin the docs.

In addition to viewing your rule-level compliance score based on passing and failing rules, Stax Compliance users can now view compliance scores calculated by the number of passing/failing resources. This new resource-level compliance view enables resource-focused operational insights and remediation.

Choose the vertical ellipsis (⋮) under the summary results on the Rule page to change how the compliance score is calculated. See our guide for more details.

Stax Notifications now supports the ability to create multiple of the same notification types for any delivery channel. This change provides greater flexibility and personalization and makes managing your Stax Cost & Compliance notifications much easier. See Manage Notifications for more details.