About Stax

Over time, cloud configurations can drift and expose organizations to security risk. Stax's enterprise-grade platform helps maintain consistency across all your AWS accounts, not just the new ones.

On This Page
Identity and Access ManagementAWS Account ManagementAWS-Endorsed Account ArchitectureNetwork ConnectivityCloud Cost VisibilityWorkloadsEnterprise-Grade Security (Rules)See also

Stax is a next-generation cloud foundations platform. The platform exists within the AWS ecosystem and leverages AWS services to provide a cloud environment that is pre-configured with enterprise-grade controls for security, network connectivity, monitoring and identity and access management.

Identity and Access Management

Stax offers an Identity Management service that governs authentication and authorization into the Stax console and also enables Single Sign-On into Stax-managed AWS Accounts. You can incorporate your own identity provider with the Stax Identity Management service, which allows you to bring your own user base.

AWS Account Management

Stax enables you to create new AWS accounts at the click of a button and manage them from a central location. All accounts created are hardened with security configurations that help you to achieve compliance with the CIS AWS Foundations Benchmark.

AWS-Endorsed Account Architecture

Stax account structure is based on AWS Landing Zones and utilizes AWS Organizations. These technologies provide a secure multi-account environment with segregated account access. The account structure includes a Master account, Security account and Logging account. The Security and Logging accounts created by Stax are your foundation accounts. They are used to provide security controls, threat detection, audit controls and log retention.

Network Connectivity

The Networks feature is designed to provide you with a simple and flexible way of deploying AWS Network topologies. AWS offers a wide variety of products that form the building blocks of a secure, advanced cloud network. Stax Networking allows customers to quickly and safely deploy a network that connects their AWS workloads.

Cloud Cost Visibility

Monitoring daily cost, analyzing spend, and setting up cost alerting thresholds are all standard features of Stax via integration with Stax Cost Management.


You can create your own Stax Workloads to quickly launch and utilize applications in one or more AWS accounts, without needing to develop or manage codebases and pipelines. When using Workloads, deployment, updates, and termination is orchestrated by Stax.

Enterprise-Grade Security (Rules)

The entire Stax platform is configured to align with best practice security principles employed by large enterprise. Stax achieves this through the Stax Foundation Compliance Rule Bundle. The Stax Foundation Compliance Rule Bundle was developed to help your organization align with industry best practices and improve your security and risk posture. The Bundle continually evaluates the compliance of accounts created in Stax as well as that of your external AWS accounts that have been discovered and onboarded from an AWS Organization created outside of Stax. The Stax Foundation Compliance score is comprised of Rules that mirror the security controls that Stax automatically enables during account creation. These controls are in turn based on the CIS AWS Foundations Benchmark and the AWS Well Architected Framework. You can review the complete list of Rules within this Bundle under the Rule Bundle menu in the Stax console.

See also