Stax Changelog logo

Changelog

Back to Homepage Subscribe to Updates

Labels

  • All Posts
  • Fix
  • changed
  • added
  • deprecated
  • removed
  • security

Jump to Month

  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
changed
yesterday07/05/2022

Improvements to Stax Compliance

An update has been applied to Stax's Compliance module to improve performance and reliability.

The update implements stability updates to the underlying software and lays the foundation for upcoming feature releases. 

No functional changes have been introduced. Should you experience any issues, please raise a support case.


changed
a month ago06/06/2022

Update to Rules - S3 Buckets Should Not Be Publicly Open

Stax has changed how Rules relating to S3 buckets being publicly open are evaluated by including the FULL_CONTROL is not granted to groups AllUsers or AllAuthenticatedUsers check.

If you observe buckets that were previously compliant now showing as non-compliant, it is likely due to the stricter requirement for the bucket to meet the additional control described above. For more information and remediation, visit S3 Buckets shouldn't be Publicly Open.

Impacted Rule Name
Impacted Bundles
  • S3 Best Practices, version 1.0 & 1.1
  • Organization
S3 Buckets should not be Publicly Open for Reads
  • S3 Best Practices, version 1.0 & 1.1
  • Organization
S3 Buckets should not be Publicly Open for Reads and Writes
(Previously: S3 Buckets should not be Publicly Open)
  • S3 Best Practices, version 1.0 & 1.1
  • Organization
S3 Buckets should not be Publicly Open for Writes
  • S3 Best Practices, version 1.0 & 1.1
  • Organization
S3 Buckets should not be publicly open for read operations
  • Public Exposure, version 1.0
S3 Buckets should not be publicly open for read and write operations
(Previously: S3 Buckets should not be publicly open)
  • Public Exposure, version 1.0
changed
a month ago05/30/2022

Changes to Stax Rule Names

A number of Rule names have been updated to improve usability and clarity. This change applies to the following Rule Bundles:

  • APRA, version 1.0
  • EC2 Best Practice, version 1.0
  • IAM Best Practice, version 1.0
  • RDS Best Practice, version 1.0
  • SNS Best Practice, versions 1.0 and 1.1
  • SQS Best Practice, versions 1.0 and 1.1
  • S3 Best Practice, versions 1.0 and 1.1
  • Stax Foundation Compliance, version 1.0

In addition to these changes, Stax has added more detail to Rule descriptions, across all Rule Bundles, to provide a more detailed understanding of each Rule's intent and evaluation. These changes do not impact how Rules are evaluated.

If you have any questions regarding this change, please reach out to your Customer Success Manager or raise a support case with your inquiry.

changed
a month ago05/25/2022

Identity Service Updates

An update has been applied to the Stax Identity Service to improve performance and reliability.

The update implements security and stability updates to the underlying software, as well as some visual updates to various screens. No functional changes have been introduced.

These changes have been applied automatically by Stax during the advertised maintenance window. There is no impact to service expected as a result of this upgrade. Should you experience any issues, please raise a support case.

To ensure you receive notice of upcoming changes to Stax, make sure you're subscribed to the status page.

changed
3 months ago03/21/2022

Simplified View Management with an Improved Interface

Managing Views in Stax is now simpler with improvements released today. A Manage Segments button has been added to simplify adding, editing, and deleting a View's segments. For multi-dimensional Views, the interface has been simplified to rename Dimensions to Columns and Conditions to Rows. This makes it easier to understand your multi-dimensional Views and how they will be segmented.

changed
3 months ago03/11/2022

Stax Python SDK v1.2.0 released

Version 1.2.0 of the Python SDK has been released.

This change sets the default logging level from DEBUG to INFO. It also removes the configuration of loggers that were out of scope of this SDK, such as boto3, botocore, nose and urllib3. Previously these loggers were being configured to level WARNING. Users of the SDK should check and ensure the logging of these libraries is configured to their desired level.

See Stax Python SDK for more details.

changed
6 months ago01/07/2022

Stax Permission Sets Limit Update

Stax Permission Sets now supports increased limits for Permission Sets and Assignments. The maximum number of Permission Sets is now 50. Previously this limit was 10. The maximum number of Assignments for a Permission Set is now 100. Previously this limit was 50.

To get started, see Permission Sets in the docs.

changed
6 months ago12/21/2021

Permission Sets is Now Generally Available

Permission Sets allows for fine-grained control of permissions when users log in to Stax-managed AWS accounts. The feature has been accessible in Preview Mode for some time, but is now generally available.

See Permission Sets to get started.

changed
6 months ago12/20/2021

Management Account Now Accessible to Organizations With Reseller-Owned Accounts

Limited access to the Management account is now available for Stax-managed AWS Organizations using an account ownership model in which the management account is owned by a reseller. The account is available and can be logged into from the list of Stax-managed AWS accounts in the Stax Console.

This change allows for configuration and visibility of services that are only available in the Management account of AWS Organizations.

For information on the Management account, see Accounts.

To enable users to access the Management account, grant access by assigning one or more of the three built-in roles to a group of users. See Manage Groups for specific guidance. At this time, the Permission Sets feature is not supported for the Management account.

changed
7 months ago12/02/2021

SNS Topics are not Exposed Rule Improved

Stax has updated the SNS topics are not exposed Rule to allow SNS topics shared with a specific AWS Organization or AWS Account to pass the Rule. This means that the Rule will only fail for SNS topics that are shared with no limitations.

The Rule now checks for the existance of a condition checking for a condition restricting access to a specific aws:PrincipalOrgId or aws:PrincipalAccount.