Release Notes 4.1 (2303-2304)

Released August 9, 2023

CoreStack FinOps

  • Removed the potential savings percentage that was displayed as part of Optimize Usage and Optimize Rate pages, since these numbers can be misleading -- especially when a resource is partially used or used for the minimal number of hours in a month.
  • For Cost Optimizer, we now list optimization actions and the logs of both successful and failed events for completing remediations through CoreStack.
  • Enhanced the Monthly Cost By Cloud Account Report to provide a cleaner summary and cloud spending details on both a per tenant and currency basis.

CoreStack SecOps

Compliance Standards

Added the following compliance standards:

AWS Security Hub

  • CoreStack now supports AWS Security Hub integration. This enables users to view security findings on the posture of their cloud accounts within the CoreStack interface, based on tenant selection. Users can also view the data in different ways by using filters.

CoreStack CloudOps

AWS Patch Report

  • An AWS Patch Report has been added in CoreStack -- this provides information about compliance and security patches, as well as updates released by AWS. It includes information about security vulnerabilities, bug fixes, performance improvements, and new features introduced in each update.

Alarm Suppression

  • CoreStack now includes a feature to suppress alarms. By suppressing alerts, this in turn also helps suppress incidents which are raised with respect to those alerts. Multiple alarms can be suppressed using this feature.
  • This feature is currently available for AWS only.

Metrics supported by CoreStack

A few metrics have been added for the services listed below:

  • Azure VM AMA/Custom Metrics
  • Azure System Metrics
    • MS SQL DB
    • Cosmos DB account
    • Logic app workflow
    • Virtual Machine (VM) scale set
    • Load Balancer (LB)
    • Application Gateway
    • Web Apps
    • Key Vault
    • Cache for Redis
    • HDInsight Cluster
    • AWS Custom to System Metrics
  • AWS System Metrics
    • BackupVault
    • DynamoDB
    • ElasticBeanStalk
    • Lambda
    • Redshift
  • AWS Enable/Disable Multiple Alarms Feature

AWS Systems Manager (SSM) Documents

  • AWS SSM Documents are now integrated with CoreStack to automate the execution of different tasks. These documents can help users automate redundant tasks.

    • Users can choose from a wide range of custom or global documents to execute.
    • Users can execute using simple or rate control execution options for Automation documents during the initial phase.
    • Users can view the output and logs of AWS in the CoreStack console through the history segment.

πŸ“˜

Note:

For phase 1, we are currently providing integration support for the Automation category of documents. Only simple and rate control options for execution will be supported.

ServiceNow CMDB Integration

  • CoreStack's integration with ServiceNow offers a new configuration management database (CMDB) setup to help users to manage and track their resources in CoreStack by creating and maintaining rules in a CMDB dashboard.

Pipelines Dashboard

  • CoreStack now provides visibility into your CI/CD pipeline execution through integration with Azure DevOps CI/CD. The user will be able to view their respective projects and pipeline executions through CoreStack

CoreStack Core

Account Master Management

The following roles have been added in CoreStack for account management:

Account Admin

  • With single sign-on (SSO) security settings, Account Admins can invite users to a particular account. Account Admins must add tenants and assign roles to each tenant for a user profile. Additional tenants and roles can be added or deleted anytime from a user profile.
  • Account Admins can access and create account masters in CoreStack.

Provider Admin

  • Users with the Provider Admin role can both access account masters and create account masters.
  • Provider Admins can invite new users and add tenants and roles for existing user profiles.
  • Provider Admins can delegate customer accounts and manage account hierarchy.

Delegation Admin

  • Delegation Admins can access account master in CoreStack and can invite new users.
  • Delegation Admins can invite new users and add tenants and roles for existing user profiles.

Tag Governance

  • Added the Resource Name option to Tag Governance to enable users to select all resources at a time and take remediation steps.

OKTA Single Sign-On (SSO)

  • Integration of OKTA SSO with CoreStack enables users to access CoreStack without creating a user.
  • The OKTA security setting must be enabled to invite users to allow access to CoreStack.

CoreStack Compass

  • CoreStack now offers the Compass assessment tool designed to run both user-defined and hyperscaler-provided frameworks, such as well-architected frameworks.
  • Compass assessments can help users adopt best practices, manage risk, and maintain reliable, secure, resilient, cost-efficient, and sustainable cloud infrastructure.
  • The following capabilities have been added for Compass:
    • Workloads – Create workloads for your cloud resources and run assessments on them through a simple process
    • Best Practices – Automated best practices to identify issues based on associated policy executions.
    • Dashboard – A unified dashboard can be used for reporting across multi-cloud providers.
    • Frameworks – Users can create custom frameworks based on their preferences.
    • Versioning – Different versions of workloads and assessments can be created to track changes over time.
    • Milestones – Create milestones to track and compare how an assessment has changed over time.
    • Reports – A comprehensive report can be generated on demand for an assessment to view details about all the best practices, violations, and recommendations.

External APIs

Known Issues

Below APIs are not working as expected. We will try to fix it before the next release.

  • Delete Resource Tag Config Rule
  • Delete Resource Lock Config Rule
  • Delete Assessment Definition
  • Heat templates are deprecated