FinOps

Reservation Page Enhancement – Lookback Period (AWS and Azure)

• In the Reservation Recommendations page (Cost > Optimize Rate > Reservation Recommendations), new details have been added for Lookback Period, Cloud Account Name, and Recommendation ID for AWS and Azure cloud accounts. These details provide additional information to customers that help them better understand the recommendation being offered and initiate the purchase discussion with their cloud provider.

GenAI Service Category Mapping for AWS Product Family

• GenAI-based service category mapping for Product family in AWS which fixes uncategorized items. This will be reflected in Cost Dashboard widgets.

SecOps

Compliance Standards

• The following compliance standards have been decommissioned since newer versions of the standards have already been introduced in previous releases:
  • PCI DSS 3.2.1
  • CIS Azure 1.3
  • CIS Azure 1.5
  • CIS Azure 1.5 – CS
  • CIS Azure
  • CIS AWS 1.3
  • CIS AWS 1.4

Assessments

Custom Frameworks – Support for Sync to/from AWS Custom Lens

• Added the ability for users to create/edit custom frameworks for assessments in the platform by syncing with an AWS Custom Lens created in their AWS cloud account.
• Added the ability for users to create/edit an AWS Custom Lens in their AWS cloud account by syncing details from a custom framework available in the platform.

Policies

Cost Policy Updates

• Added new policy - "Azure Application Gateway Idle"
• Added new policy - "Azure Audit Required Owners Tag”
  • Fixed policy remediation template for AWS FsX
  • Added “tag” as an input parameter for the AWS Workspaces unused policy.

Disabled Policies

The following policies were disabled since they were found to be erroneous and were not needed anymore considering that they were not mapped to any compliance standard.

• AWS_EC2_Instances_Alerts_exceeding_Free_Tier_Limits
• AWS_Audit_Recently_Created_Deleted_Inventory_Resources

Platform

Freshservice Integration for Incident Management

The platform now integrates Freshservice exclusively for Incident Management, enabling the creation of incidents for monitoring alerts, budget alerts, security threat alerts, and policy violations.

Key Features:

• Incident Management: Map attributes and configure alerts for seamless incident creation.
• Attribute Mapping: Configure mappings for monitoring, budget, security, and policy violation alerts.
• Custom Tags and Scope Selection: Add custom tags at account/tenant scope.
• Dynamic Field Mapping: Map platform tenants to Freshservice fields dynamically during incident creation.
• Product Support Menu: Access a portal for incident creation within the platform.
• Ticket Listings: View and filter Freshservice tickets based on user scope.
• Template Execution: Dynamic drop-downs link each template run to the respective incident.

Role-Based Landing Page

• The new role-based landing page feature offers users more flexibility in the landing page view users get once they log in to the platform by supporting both user-defined and system-defined landing pages. The user-defined landing page takes precedence; if no user preference is set, then the system-defined logic is applied.

User-Defined Landing Page:

• Users can select their preferred default landing page from a list of available options.
• Options are tailored based on the tenant and the user's assigned role.
• If no selection is made, the system-defined landing page is used by default.

System-Defined Landing Page:

• Each role, whether system or custom, is associated with policies that define landing pages providing valuable insights.
• If a custom role lacks a landing page policy, the user will default to the User Profile page.
• In cases of multiple policy conflicts, the Account Governance page is used as the fallback landing page.

Customizable Account Master Name

• Account admins now have the ability to rename the Account Master name according to their preference. The new Account Master name will appear in all references, including dashboards, reports, and more, replacing the previous name.

Billable Resource Filter in Workload and Tag Governance Pages

• Resources available in users’ cloud inventories now have a "Billable" field in the platform, which indicates whether a resource is part of cloud billing.
• As part of this, all resource views in Tag Posture and Workload pages have a new “Billable” filter with values "Yes/No" to sort by whether or not a resource is part of cloud billing.

Tag Governance – OCI Defined Tags Visibility

• Added OCI Defined Tags visibility to the Tag Governance page, which shows the defined tags discovered against each OCI resource in a user's cloud inventory.
• Users now have the ability to define Tag Baselines for OCI, using both defined and free-form tags.
• For Tag Posture, the tag score will be computed based on both free form and defined tags that are included as part of baseline.

Tag Governance - OCI Defined Tags Remediation Support

• OCI Defined Tags remediation is now supported for Tag Posture under Tag Governance.
• OCI Defined Tag remediation is now supported for the following OCI resources:
  • OKE (Kubernetes) - Container Repository
  • Networking - Subnets, Nat Gateway

GCP Linked Project

• The system now supports the "Assign to Tenant" option. When a billing account is onboarded, it discovers all associated organizations and linked project accounts in the “not_onboarded” state. With this enhancement, accounts in the “not_onboarded” state can now be transferred from one tenant to another.

Reports

New Reports:

The following new reports have been applied in this release.

OCI Orphaned Resource Report

• This report contains information about OCI resources that are no longer associated with any active or required components (i.e. "Orphaned"), but still exist in your cloud environment.

Report Enhancements:

The following reports enhancements have been applied in this release.

AWS EC2 Cost Report – Add Instance Type Column

• Added a new column for Instance Type in the report to supplement the product family information which is currently shown

Azure EA and CSP Cost Monthly Reports – Variance, Line Item, and Account Master Filter Parity Enhancements

• For scenarios where a user has access to multiple Account Masters in the platform, an Account Master filter is available in the Azure EA and CSP Cost Monthly reports.
• Similar to other Cost Monthly reports, the Azure EA and CSP Cost Monthly reports now include Variance and Line Item dimension views.

Cost Recommendations Report – Deduplication

• Deduplication of potential savings for resources is implemented in the Cost Recommendations Report, which more clearly conveys the max potential savings for a cloud resource across all sub classifications of usage-based recommendations (Rightsizing, Schedule, Idle, Orphaned, and Optimize Config). As part of this, two new filters have been added for Sub Classification and Potential Savings.
• The report will only show recommendations for the sub classifications selected via the Sub Classification filter, which includes:
  • Idle
  • Orphaned
  • Right Sizing
  • Config
  • Schedule Recommendations
  • Reservations
  • Savings Plan
• The Potential Savings filter has All_and _Maximum Only as selectable options, which are explained in more detail below:
  • All – Selected by default. No deduplication of resources occurs when this option is selected. It will show resources and their potential savings as they are now.
  • Maximum Only – Selecting this option deduplicates the resources and shows resources with the maximum potential savings across all sub classifications. If only two sub classifications are chosen, deduplication will apply only to those two sub classifications.

External APIs

• To see the external APIs which have been added, modified, and removed in this release, refer to: https://docs.corestack.io/v4.5/docs/external-apis-45-2404
• To see all the available external APIs, refer to: https://docs.corestack.io/reference/authtoken