An update has been applied to the Stax Identity Service to improve its performance and reliability.

This update upgrades the Stax Identity Service Database's underlying software. This modernises and standardises the infrastructure in use across all of Stax's customers. 

These changes have been applied automatically by Stax during the advertised maintenance window. There is no impact to service expected as a result of this upgrade. Should you experience any issues, please raise a support case. 

To ensure you receive notice of upcoming changes to Stax, make sure you're subscribed to the status page.

The Rule RDS instances should not be in public subnets in the RDS Best Practice Rule Bundle (version 1.0) has been renamed to RDS instances in a subnet should not have internet access to improve usability and clarity.

To add this rule to your Organization Rule Bundle, head to the Rules Catalog page.

A fix has been applied to the UserAuthenticationEvent Stax generated event to conform to the schema.

The value has changed from "status": "Success" to "status": "SUCCESS".

For further information on Stax generated events, please see Stax Generated Events Schema.

On 3 January 2023, there will be a change to the period of data that can be viewed in Stax's Cost module. After the change, cost data from greater than 3 years ago will no longer be available. Read More

Version 1.3.0 of the Python SDK has been released.

This change includes:

• Add configurable retry settings with sensible defaults during API token authentication
• Add configurable retry settings with sensible defaults for Stax API requests

See the documentation for more details.

Version 1.4.3 of stax2aws has been released. See how to upgrade stax2aws.

Changes:

• add --open-browser command line option that automatically opens a client browser with the token code populated

Version 1.4.2 of stax2aws has been released. See how to upgrade stax2aws.

Changes:

• add supported environment variables to command help
• validate the session duration --session-duration maximum value

Stax API endpoint Fetch All Tasks by Status has been deprecated and will be removed from stax-au1, stax-us1 and stax-eu1 on Sunday 14th August at 0200 UTC (Monday 15th August at 1200 AEST).

In addition, a change is being made to the API endpoint Fetch Status of task in stax-au1, stax-us1 and stax-eu1 such that any tasks created on or after Sunday 14th August at 0200 UTC (Monday 15th August at 1200 AEST) will have a 30 day expiry. Any tasks older than 30 days will be removed from the system, responding with a 404 NOT FOUND status.

These changes are being made to improve the way Stax manages tasks.

If you have any concerns, please raise a support case.

An update has been applied to Stax's Compliance module to improve performance and reliability.

The update implements stability updates to the underlying software and lays the foundation for upcoming feature releases. 

No functional changes have been introduced. Should you experience any issues, please raise a support case.

Stax has changed how Rules relating to S3 buckets being publicly open are evaluated by including the FULL_CONTROL is not granted to groups AllUsers or AllAuthenticatedUsers check.

If you observe buckets that were previously compliant now showing as non-compliant, it is likely due to the stricter requirement for the bucket to meet the additional control described above. For more information and remediation, visit S3 Buckets shouldn't be Publicly Open.