Add a Rule in Stax
There are two ways of adding Rules in Stax - either by adding an existing Bundle or by adding a configurable Rule from the catalog.
Rules in Stax are essentially automated compliance checks to ensure your resources are compliant with the standards you apply to them. These standards can be external standards, like the Centre for Internet Security (CIS), a set of industry best practices around a specific AWS product, or your own internal standards.
The Rules available within Stax are not just limited to ensuring that your resources are secure, there are also Rules that check for optimization, tagging compliance, use of approved regions and more. In total, there are nearly 200 Rules in our catalog that you can configure to meet your needs and the list is always growing.
There are two ways to add Rules; adding a Rule Bundle or adding from the catalog. This article will cover both.
Before You Begin
Adding a Rule or Rule Bundle will generally take 5 - 10 minutes.
In order to add or edit Rule within Stax, you'll need to be an admin.
It's also important to be aware that when you create a new Rule, any non-compliant resources may trigger notifications to be sent to other Stax users.
It's also good to know that while an individual Rule can be applied everywhere or to a specific segment, a Rule Bundle will be applied everywhere.
Log in to the Stax Console
Navigate to Rules
You'll be able to see the Rule your company has already set up
You can check the Bundles that have been switched on by clicking the filter at the top of the page
Add a New Single Rule
- To add a new single Rule, click 'add Rule' on the top right
- You will be taken to the Rules Catalog
You can either search by keyword or tick the box(es) next to your area of concern
When you find a Rule you'd like more information on, click the Rule name and the details, including available parameters, will appear on the right.
If you'd like to target a specific part of your environment, you can use the views and segments you've already created to apply the rule to just a single segment
Add a severity
Add any necessary parameters
Give the Rule a meaningful name
Add a Rule Bundle
If you wanted to add a standard bundle of Rules
Go to the Bundles page
Select a Bundle from the 'Available Bundles' section by clicking on the one that interests you.
The Rule Bundle detail screen will give you an overview of what the Bundle will help with and allow you to review all the individual Rules before they're applied.
Rules with a carat to the left have parameters you should check and configure before proceeding.
You can switch individual Rules on or off by clicking the radio button to the right of each rule.
When you're happy with your selections, click the 'Add Bundle' button.
Your first assessment will take 2-4 hours to complete.