16 posts tagged with "Deprecated"

The Stax Terraform Provider, which was previously in developer preview status, has been deprecated. No further development will occur, and the module remains unsupported for production use.

Stax's guidance is not to use this module for production workloads, and to instead consider deployment using the Stax API or Python SDK.

Please note that while the Terraform provider will remain available on the Terraform Registry, there will be no further updates or development undertaken at this time.

Please raise a support case or contact your Customer Success Manager if you have any questions.

Stax has deprecated stax2aws versions 1.4.3 and older. These versions of the Stax Command Line Interface (CLI) utilized a device authorization grant solution which is no longer supported. Stax has removed the obsolete device flow resources from Stax-managed security accounts.

All users are required to upgrade to version 1.5.0 of stax2aws to continue using the Stax CLI.

If you have questions or concerns regarding the changes, please reach out by raising a support case.

On 02 April 2024, Stax will deprecate stax2aws versions 1.4.3 and older. These versions of the Stax Command Line Interface (CLI) utilize a device authorization grant solution which is being deprecated.

All users will be required to upgrade to version 1.5.0 of stax2aws on or before 02 ** April 2024 **to continue using the Stax CLI.

In addition, on 02 April 2024, Stax will remove the obsolete device flow resources from Stax-managed security accounts. No customer action is required for this part of the change and we will inform you when this change has been applied.

If you have questions or concerns regarding the changes, please reach out by raising a support case.

On Sunday 11 February at 0200 UTC (Monday 12 February at 1300 AEDT), the following deprecated Stax API endpoints will be removed from stax-au1, stax-us1, and stax-eu1 and will no longer be supported by Stax API/SDK:

**- Fetch IDAM Users **GET /20190206/idam/user

**- Fetch IDAM User ** GET /20190206/idam/user/{org_id}

The following endpoints should be used instead which now includes the user's MFA status.

-** Fetch Stax Users and Federated Users** GET /20190206/users

• Fetch Stax User and Federated User GET /20190206/users/{user_id}

To avoid interruption to service switch to these replacement API endpoints before 11 February 2024. Refer to the Stax API documentation for up-to-date API schema details.

If you have any concerns, please raise a support case.

The stax-audit-bus EventBridge rule has been deprecated and will be removed from all Stax-managed AWS accounts on ** 05**** Feb 2024. **To continue receiving events that the stax-audit-busEventBridge rule is sending to the Security account, please review our guide to prepare for the change.

What’s Changing? Stax has decided to remove the chat support button from the Cost and Compliance segments of Stax. While this feature is being deprecated, you can communicate with the Stax support team by clicking the “Support” button on the lower left-hand side of the console. This change aligns with our commitment to improving our services and catering to your needs effectively.

If you have any questions, encounter any issues, or require any further assistance with this change, please do not hesitate to contact our support team using the Support button in the lower left of your console or via https://stax.io/support

Thanks, The team at Stax

As part of our ongoing maintenance and improvement of rules and rule bundles, we are updating rules related to AWS CloudTrail log metric filters. This change will offer a shift towards organization-level CloudTrail configurations, enabling enhanced security and manageability for your resources.

Please be aware that the existing rules will be deprecated in the following bundles:

• AWS FTR version 1.0.0

• CIS Benchmark from version 1.1.0 to 1.5.0

• Organization Rules

• S3 Best Practice version 1.0 and version 1.1

• Stax Foundation Compliance version 1.0

The deprecated rules are as follows:

• Ensure a log metric filter and alarm exist for AWS Config configuration changes,

• Ensure a log metric filter and alarm exist for AWS Management Console authentication failures,

• Ensure a log metric filter and alarm exist for Management Console sign-in without MFA,

• Ensure a log metric filter and alarm exist for changes to Network Access Control Lists (NACL),

• Ensure a log metric filter and alarm exist for changes to network gateways,

• Ensure a log metric filter and alarm exist for CloudTrail configuration changes,

• Ensure a log metric filter and alarm exist for disabling or scheduled deletion of customer-created CMKs,

• Ensure a log metric filter and alarm exist for IAM policy changes,

• Ensure a log metric filter and alarm exist for route table changes,

• Ensure a log metric filter and alarm exist for S3 bucket policy changes,

• Ensure a log metric filter and alarm exist for security group changes,

• Ensure a log metric filter and alarm exist for unauthorized API calls,

• Ensure a log metric filter and alarm exist for usage of root user credentials,

• Ensure a log metric filter and alarm exist for VPC changes

The newly introduced rules will take their place with the following rule names respectively:

• CloudTrail should have a log metric filter for AWS Config changes,

• CloudTrail should have a log metric filter for Console authentication failures,

• CloudTrail should have a log metric filter for Console sign-in without MFA,

• CloudTrail should have a log metric filter for NACL changes,

• CloudTrail should have a log metric filter for Network Gateway changes,

• CloudTrail should have a log metric filter for CloudTrail configuration changes,

• CloudTrail should have a log metric filter for scheduled deletion of customer-created CMKs,

• CloudTrail should have a log metric filter for IAM policy changes,

• CloudTrail should have a log metric filter for route table changes,

• CloudTrail should have a log metric filter for s3 bucket policy changes,

• CloudTrail should have a log metric filter for security group changes,

• CloudTrail should have a log metric filter for unauthorized API calls,

• CloudTrail should have a log metric filter for root user credentials,

• CloudTrail should have a log metric filter for VPC changes

Please note that the check history for the deprecated rules will not be kept.

If you have any questions about this change and what it means for you, please contact support.

The rule “Lambdas have a unique role” will be deprecated in a rules update in 7 days. This rule has been a part of the Stax compliance module for many years, and after careful consideration, we have decided that it no longer serves its intended purpose.

This rule was originally intended to ensure that AWS Lambdas — cloud computing functions — had a unique role within the environment. As cloud computing and serverless functions have evolved, we have determined that this rule does not provide additional security and is no longer necessary.

This rule is only part of the Stax rule catalog, and is not used as part of any compliance or best practice rule bundles.

The stax-audit-bus EventBridge rule has been deprecated and will be removed from all Stax-managed AWS accounts on 3****1 ** March 2023. **To understand the impact, read more.

The Explore the cost of your services feature will be deprecated on 1 ** December 2022.**  No customer action is required as part of this change. Read more.