In this major release we have enhanced all the 4C’s(CloudOPS,Compliance,Consumption & Cost) of Multi Cloud Governance cutting across AWS and Azure Cloud.

1. Compliance

a.On demand assessment at Standard level, Control level & Policy level

  • In the earlier releases, there were no options to do an on-demand assessment of compliance standards and compliance team had to rely only on automated assessments scheduled by CoreStack. Now with the on-demand assessment, compliance teams can perform assessment when needed. Assessment can be done in multiple levels and are as follows,
    • Standard level assessment provides capability to assess all controls by a single click
    • Control level assessment provides flexibility to assess specific controls within a compliance standard
    • Policy level assessment provides option to run a specific policy mapped to a control and view recommendations

b.Compliance Status UI changes

  • ​​​​​​​Ability to view status of the controls within a standard with enhanced user experience
  • Provides the ability to view status based on role based access controls (RBAC)
    • Compliance Admins can create and manage Compliance standards and controls
    • Compliance Members can view the status of the policies mapped under each control and act upon the recommendations
    • Additional RBAC roles can be created in CoreStack to allow granular permissions for the actions in Compliance Standards page. For example, create a new role compliance_member_level1 to view status of the Compliance Standards and generate reports. Create another role compliance_member_level2 to perform assessment and view updated status

c.Github support for policies

  • Allows the option to create policies by specifying the Github link to the policy content.
  • Github repositories with public access and private repositories with username/password & SSH key auth are supported
  • This facilitates using policies available in Github repositories in an enterprise without having to upload them
  • The option to upload policy content by uploading a file is still supported

d.Additional Standards – Following compliance standards & its controls can now be effectively used through CoreStack

  • Fedramp Controls
  • ISO 27001
  • PCI controls

2. Consumption

a.Inventory Activity Tracker

  • Option to enable/disable activity tracking at the tenant level
  • Capture change management reference # before initiating an activity in inventory
  • When the option to track inventory changes is enabled, any actions performed on the resources through CoreStack without the change reference # is considered as “Non Compliant”

b.AWS Master & Linked account Management

Using the AWS Organization Master account onboarded in CoreStack, can create new AWS accounts and manage them. This allows the ability to keep track of the accounts under the master, audit compliance and policy restrictions on the member accounts as required

c.Azure Subscription Management

Create new subscription within a CSP Direct account. When the subscription is created, it can be onboarded into CoreStack as a cloud account and manage them as like any other account. This enables the option to create new subscriptions for different use cases or departments or cost centers

d.Following is the way to differentiate the accounts & subscriptions created and/or managed through CoreStack,

  1. Associated Cloud Accounts – Member accounts created through CoreStack are identified as associated cloud accounts. The IAM credentials to access the AWS member account via AWS console can be downloaded
  2. Onboarded Cloud Accounts – Any cloud account that are onboarded and managed through CoreStack are identified as Onboarded Cloud Accounts. Associated cloud accounts can onboarded into CoreStack without entering the access/& secret keys, as they are created from CoreStack and can be pre-populated

3. CloudOps

a.AWS Cloudwatch custom metric support

AWS allows additional monitoring metrics to configured for resources to facilitate planning, troubleshooting and management of resources efficiently. CoreStack now has the ability to capture custom metrics data from AWS CloudWatch that are not supported by default. These custom metrics are captured by installing agent on the compute resources

b.Cloud Account onboarding validation

Permissions & Access Validations for AWS & Azure accounts while onboarding to prevent failures due to lack of permissions. This validation applies to cloud accounts onboarded with Express or Custom settings. One key thing to note is the permissions required for management through CoreStack varies for cloud accounts onboarded with express & custom settings

c.Extended Integrations

  • AWS Config based inventory tracking – All AWS resource types supported
  • Azure all resource based inventory tracking
  • Azure Logic Apps & SQL DB monitoring metrics can now be viewed through CoreStack

4. Cost

Azure CSP billing & Cost Analytics in Cost dashboard

  • Provides the ability to track the usage cost for subscriptions under CSP direct account and view hierarchy
  • This features enables MSPs to manage their Azure CSP direct account and view the cost under a single dashboard with the difference in usage cost based on pricing models at the CSP direct account and its subscriptions
  • Multi tenancy view of cost for cloud accounts is already available and it is still supported for CSP direct accounts
  • When the CSP direct account is onboarded with CoreStack’s “Account” scope, account admins can leverage the option to create new subscriptions within the CSP direct account under different CoreStack tenants and provide access

Please feel free to connect with [email protected] to get a preview of all the features, we would be happy to Orchestrate a demo session as per your need.

Start typing and press Enter to search