Stax Changelog logo

Changelog

Back to Homepage Subscribe to Updates

Labels

  • All Posts
  • Fix
  • changed
  • added
  • deprecated
  • removed
  • security

Jump to Month

  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
changed
6 months ago12/21/2021

Permission Sets is Now Generally Available

Permission Sets allows for fine-grained control of permissions when users log in to Stax-managed AWS accounts. The feature has been accessible in Preview Mode for some time, but is now generally available.

See Permission Sets to get started.

changed
6 months ago12/20/2021

Management Account Now Accessible to Organizations With Reseller-Owned Accounts

Limited access to the Management account is now available for Stax-managed AWS Organizations using an account ownership model in which the management account is owned by a reseller. The account is available and can be logged into from the list of Stax-managed AWS accounts in the Stax Console.

This change allows for configuration and visibility of services that are only available in the Management account of AWS Organizations.

For information on the Management account, see Accounts.

To enable users to access the Management account, grant access by assigning one or more of the three built-in roles to a group of users. See Manage Groups for specific guidance. At this time, the Permission Sets feature is not supported for the Management account.

added
6 months ago12/16/2021

Monitor Public Resources with the Public Exposure Rule Bundle

Stax's new Public Exposure Rule Bundle contains Rule definitions designed to help you monitor your environment for common misconfigurations that can cause resources and information to be inadvertently exposed.

Combined with Real-Time Rule Alerts and Notifications, this Bundle allows you to be easily notified when a resource enters a state of non-compliance. Rules provided by this Bundle aim to provide guidance around keeping private your EC2, EBS, RDS, ElasticSearch, and other native AWS resources.

Add the Bundle to Stax to get going. Once added, Stax will perform an initial evaluation and populate the Rules page with new results. You can filter the page to show only results from the Public Exposure Bundle if preferred.

security
6 months ago12/13/2021

Response to log4j2 vulnerability (CVE-2021-44228)

Stax is aware of the recently disclosed vulnerability in the open-source Apache Log4j library, tracked as CVE-2021-44228 and referred to as "Log4Shell". Stax's engineering team has performed thorough analysis of the Stax codebase with regards to this issue. Stax can confirm that it is not vulnerable to this exploit.

If you have any questions regarding this notice, please raise a support case.

changed
7 months ago12/02/2021

SNS Topics are not Exposed Rule Improved

Stax has updated the SNS topics are not exposed Rule to allow SNS topics shared with a specific AWS Organization or AWS Account to pass the Rule. This means that the Rule will only fail for SNS topics that are shared with no limitations.

The Rule now checks for the existance of a condition checking for a condition restricting access to a specific aws:PrincipalOrgId or aws:PrincipalAccount.

added
7 months ago11/24/2021

Permission Sets Are Now Automatically Deployed to New Accounts

Stax has introduced new functionality to improve the behavior of Permission Sets when creating and updating Stax-managed AWS accounts.

When an account is created within an Account Type that has a Permission Set Assignment targeted to it, the Permission Set will be automatically deployed to the account during creation. When an account is moved to a different Account Type, any relevant Permission Sets will be added or removed based on the Assignments in place.

Additionally, deleting groups and Account Types is no longer possible when they are in use by Permission Sets. The API will reject requests with an HTTP 400 error and a message identifying how many attachements are preventing deletion.

added
7 months ago11/24/2021

New Changelog Widget and Updated Starred Accounts Widget

Stax is uplifting the Activity page to provide meaningful information and the ability to easily perform common tasks.

The Starred Accounts widget has been updated to allow you to quickly log in to Stax-managed AWS accounts you have starred from the Accounts page.

The Changelog widget has been added to provide access to the most recent entries on the Stax changelog.

added
7 months ago11/22/2021

Amazon EBS Encryption by default

Stax has released an update requiring Amazon Elastic Block Store (EBS) volume encryption in management accounts in all regions supported by Stax. This is to comply with CIS AWS Foundations Benchmark v1.4 control 2.2.1.

Stax uses the default aws/ebs encryption key. You can modify the default encryption key as required in the AWS Console.

added
7 months ago11/18/2021

Additional Stax Networks EBS Interface VPC Endpoint

Stax Networks now supports the EBS Interface VPC Endpoint for VPCs that are part of a Networking Hub.

You can enable the EBS Interface VPC Endpoints for new and existing Networking Hubs using the Stax Console, API, or SDK. See Manage Networking Hubs for more.

added
7 months ago11/15/2021

Search Resources on Rule Results Page

The results page for any given rule now supports searching of resources.

Enter a value into the search box then press enter to search the results. You can search by any field displayed in the table of results.