Whether you're interested in tracking your compliance with industry standards or looking to track compliance with your internal standards, Stax has rule bundles and custom rules to match all your needs.
Stax makes adherence to industry standards and internal compliance easy by providing Rule Bundles to reduce the burden of finding and creating your own sets of Rules. Rule Bundles are predefined collections of Rules that help your organization to compare itself to industry frameworks and best practices, such as the CIS benchmark and best practices for using Amazon S3. We also have an extensive catalog of customizable Rules where you can select the segment to which the Rule is applied as well as any other parameters you'd like to customize, for example the number of characters required in IAM passwords.
Stax regularly checks compliance throughout the day. When a new failure is detected, an alert can be sent either to an email address, Slack, Microsoft Teams, or via a webhook to any destination. These alerts are configurable by visiting the Settings page. Where a default segment has been selected by a user, they will only be alerted for resource failures where the resource belongs to that segment, thus reducing unnecessary noise and preventing alert fatigue. See Notifications for more on configuring notifications in Stax.
Before You Begin
- Estimated time to complete: 5 minutes
- After Rule creation, initial resource evaluation may take several hours
- You must be a member of the Read Only or User role in your Stax tenancy. If creating, deleting, or modifying Rules, you must be a member of the Admin or Cost & Compliance Admin roles in your Stax tenancy
- Log in to Stax
- Select Rules from the left-hand nav
The Global Filter allows refining the Rules page to display only results for a single segment of a View. To view all results, choose All Views from the Views list.
The Rule Bundle filter allows further refining of results to view only Rules within a given Rule Bundle.
Choose a severity from the top panel to refine the results to show only Rules of that severity.
Once filtered to the desired results, click a Rule to view its results.
The most recent assessment's results will be shown. Filtering can be applied to filter only to failing items.
Copy a resource's ARN to allow further investigation in the AWS Console.
To review additional details about the Rule and how it is evaluated, click on Documentation.
Trigger a Rule Evaluation
Stax regularly evaluates Rules to ensure compliance data is up-to-date, but to request a faster evaluation of a specific rule, choose Re-Evaluate Rule from the Rule's vertical ellipsis (⋮) menu.
If a resource cannot be made compliant, or should be excluded from checking, choose the vertical ellipsis (⋮) next to the resource then click Ignore resource from rule.
Provide a valid reason, then click Ignore Resource.
When downloading reports from the Rules page, any Global or Rule Bundle filtering applied will be reflected in the report. To include all resources, be sure to remove filters before downloading a report.
To download an overall compliance report, click the download icon at the top of the Rules page, then choose Summary Report. The report will be generated and dispatched by email.
To download a single Rule's report, navigate to the Rule's results page, then click Download. The report will be generated and dispatched by email.