Wiz Release Notes
1. New tenant creation(21st November 2023)
Feature Requirement:
Creation of new CloudLabs tenant for storing the test templates.
Implementation:
Created new WIZ Content tenant for storing the test templates.
Steps For Changing the tenant:
Go to WIZ tenant as highlighted in the red. Select the dropdown option you should be able to see WIZ content tenant (As shown in below screenshot).
2. Power-BI reports
2.1 Subscription Count (24th November 2023)
Feature Requirement
Number of the Subscriptions Available for all the three clouds.
Implementation
Created the PowerBI report for the available and unavailable subscriptions in all the three clouds.
Steps to check available and unavailable subscriptions in the PowerBI report
In admin portal go to the reports section and click on the “Admin”.
Choose the subscription count page, here you will be able to check on the availability based on Subscription group name and cloud platform.
2.2 Cloud Spend report(28th December 2023)
Feature Requirement
Cloud Spend report for All Three clouds.
Implementation
Modified the cloud spend based on 3 different clouds. Bifurcation is based on Month, tracks and users.
cloud spend report
2.3 Sign in report (22nd January 2024)
Feature Requirement
Sign in details of the custom portal
Implementation
Implemented the Power BI report for the sign in details in the custom portal.
Steps for checking the Sign in Report
choose the Login History page in Reports section. we will be able to see the logins based on time, date, names and domains.
2.4 Validations report (27th February 2024)
Feature Requirement
Validation status for User reports.
Implementation
Added a separate column called as User reports to check the validation status.
Validations report
In the "Validations" column, determine the ratio of validations completed to the total number of validations provided.
If all validations are completed, the status will be set to Complete. If any validations are only partially completed, the status will be marked as Incomplete. If no validations are completed at all, the status will be labelled as Not Validated.
3. Clean up script (26th November 2023)
Feature Requirement
Implement the attendee resource clean-up based on the below list.
- Connector
- Dashboard
- Dashboard Widget
- Outpost
- Cloud Configuration Rule
- Host Configuration Rule
- Control
- Ignore Rule
Implementation:
- Developed the API calls for the cleanup of the resources in the Wiz Portal.
4. Lab Guide Preview (11th Dec 2023)
Feature Requirement
Enable user friendly feature for previewing the lab guide before launching the lab in the custom portal.
Implementation
Added a new tab for preview button in the lab Catalog view under custom portal.
Steps for enabling the lab preview option
In the Admin portal, navigate to templates section and click on edit option for specific template.
In the template, enable the checkbox for Enable Lab Preview.
Click on SUBMIT button to save the changes.
Once we have successfully saved the preview option. Navigate back to On-demand labs page and edit respective ODL and Enable lab preview option.
Add the Preview URL (Master Doc link for the lab guide) and click on submit.
Navigate to the Custom portal (https://wiz.cloudlabs.ai) and click on Login/Sign Up.
In the Catalog section, choose the lab for which you wish to preview the lab guide.
Click on preview to view the lab guide.
The lab guide preview is accessible within the portal.
5. Lab Guide Updates (11th December 2023)
Feature Requirement
Capability for full screen view of the image in labguide.
Implementation
Implemented a feature allowing users to view images in full-screen mode.
Steps for checking the Lab guide updates
Go to the lab guide page and select the respective image that you wish to choose.
After selecting the image, it will appear in full-screen view, as illustrated in the image below.
6. Catalog View (11th December 2023)
Feature Requirement
Labs in catalog view get squeezed as more labs are added, users can't see the lab title.
Implementation
The issue is fixed by decreasing the font size of the tittle in the custom portal.
Also provided the character length (54 characters) for the custom portal to view the full name.
Steps for checking the Catalog View
Note: Currently Spektra is supporting only for 54 characters for the headers. If you need any further modifications, please reach out to Labs-support@spektrasystems.com
7.Lab Guide View (11th December 2023)
Feature Requirement
Rendering of bold text in Chrome browser on MacBook.
Implementation
Addressed issues related to bold text rendering in Chrome on MacBook.
checking the Lab guide view
8. SAML Mapping (8th January 2024)
Feature Requirement
- Need to make the API call’s for creating the WIZ project and assign the roles to the ODL users.
- Create the new custom handler that can map to another tenant, where Cloud Labs will be adding the users and assigning the specific permissions that are passed through custom handler.
Implementation
- CloudLabs will be creating the User to access the CSP and Wiz.
- CloudLabs will add the user to specific group based on the custom handler inputs.
- When a user is granted write permissions, a new project will be created, and the user will be assigned to that group. Additionally, a new AAD group will be created, and the user will be added to that group.
- If the user is assigned with the read only permission, user will be adding to the existing project and existing AAD group.
- After the Lab is finished, if the user possesses the appropriate writing permissions, proceed to delete the AAD group along with the newly established project associated with the user.
- If the user is having the read only permission, then user will be removed from the AAD group and from the project.
Steps for assigning the Permissions
To assign roles to the user with either Read-only or Write permission, the following steps should be followed:
In the Admin portal we need to select the templates section.
Click on Edit Template.
In the Custom handler section click on +ADD button.
In the Custom Handler Section add the below inputs and click on submit.
Custom Handler: WIZ_HANDLER
Input Parameter: https://experienceazurecloud.blob.core.windows.net/custom-handlers/wizlabs_global_contributor.json
Is Active: True
Note:: If Is Active button is not set to true then custom handler permissions will not apply.
Types of Input Parameter
Wiz_Ctf tenant with Global contributor: https://experienceazurecloud.blob.core.windows.net/custom-handlers/wizctf_global_contributor.json
Wiz_Labs tenant with Global Contributor and Global incident analyst: https://experienceazurecloud.blob.core.windows.net/custom-handlers/wizlabs_global_contributor_response_analyst.json
Wiz_Labs with Global Contributor and Project Admin: https://experienceazurecloud.blob.core.windows.net/custom-handlers/wizlabs_global_contributor_project_admin.json
Wiz_Labs with Global Contributor role: https://experienceazurecloud.blob.core.windows.net/custom-handlers/wizlabs_global_contributor.json
9. Custom Portal Profile (12th February 2024)
Feature Requirement
Add the Required fields in the My Profile Section of the Custom Portal.
Implementation
We have currently added/modified the fields based on WIZ requirements.
Steps for checking the custom portal profile
Login to Custom Portal (https://wiz.cloudlabs.ai).
On the right-hand side, you will be able to see the name xxxxxxxxx highlighted in the red.
Click on the name you will be able to see My Profile section.
You will need to fill the mandatory fields and click on save changes
Lab User: Lab users will be unable to launch a lab or course if mandatory fields are not updated. Additionally, they should not be prompted for duplicate information in the registration form when attempting to launch a lab using an activation code in the custom portal.
Note: For any modifications on the above fields reach out to Spektra team at Labs-support@spektrasystems.com
10. Spacing and Hyphens issue in the registration page (12th February 2024)
Feature Requirement
Need to allow the double spaces and the symbols (-) in the last name.
Implementation
We are allowing the double spaces and symbols (-) in the last name.
Steps for checking the spacing and hyphens in the registration page
Allowing the hyphens in the Last Name.
Allowing the Spaces in the Last Name.
11. Voucher Extension (12th February 2024)
Feature Requirement
Admin user must have the functionality to add 500 vouchers simultaneously.
Implementation
We are allowing the admin user to add the 500 vouchers simultaneously.
Steps for checking the voucher extension
Go to On Demand Labs and choose the ODL you want to Add vouchers for and click on Edit (Highlighted in red below).
Now you have a checkbox to choose for Enable voucher and click on submit.
Navigate back to same ODL and Click on the ellipse option (...) and select Vouchers from the dropdown menu.
Once the vouchers are selected, we will have an option to + Add Vouchers.
Go to count section and enter the number of vouchers required (As seen in screenshot below)
Negative Testing: We are also trying to show the negative testing. If the “Count” increases more than 500 you will not be able to add/submit the request.
Note: In such cases, need to contact the Spektra team to implement the required adjustments.
12. Inject and Static key Combination (12th February 2024)
Feature Requirement
The Inject Key should include both static and inject keys, with a copy option.
Implementation
GitHub code snippet allowing the usage of both static and inject keys simultaneously, with a copy option.
<inject key="UserName" enableCopy="true" />
**checkNNumber:** <inject key="UserName" value="StaticValue4" key="UserName" value="StaticValue4" enableCopy="true" />
**checkNNumber:** <inject key="AzureAdUserPassword" value="StaticValue2" key="AzureAdUserEmail" value="StaticValue1" enableCopy="false" />
**checkNNumber:** <inject key="AzureAdUserPassword" value="StaticValue3" key="UserName" value="StaticValue2" />
**checkNNumber:** <inject key="UserName" value="StaticValue" key="UserName" value="StaticValue" />
**url:** <inject key="AzureAdUserPassword" value="StaticValue2" key="AzureAdUserEmail" value="StaticValue1" enableCopy="false" />
Admin Portal: The below screenshot refers to the rendering of the inject and static key combination in the admin version.
Custom portal: The below screenshot refers to the rendering of the inject and static key combination custom portal.
13. Hide Feature in ODL for catalog view (12th February 2024)
Feature Requirement
Allow ODL or Lab to be visible for the specific domain.
Implementation
Navigate to On Demand lab and choose the Specific ODL and click on Edit option (as highlighted below).
Once we click on Edit look for the Enable Inside CL portal
In the Catalog State of Non-Allowed Domains, there are three options:
o Locked
o Unlocked
o Hidden
Steps for checking the hide feature in ODL for catalog view
Example: For example, the specified domain is Gmail.
Locked
Only the allowed domain will be able to launch the lab, we can check the other domains, but it will remain in lock state.
Positive testing: Login using the Gmail domain specified in the ODL is successful.
Negative testing: Login using the other domain is unsuccessful.
Unlocked
All domains can use the launch option regardless of the specified allowed domain.
Hidden
Set the Catalog State of Non-Allowed Domains to hidden, won't be able to view the ODL.
Positive testing: Login using the Gmail domain specified in the ODL is successful.
Negative testing: For Negative Testing, accessing the ODL won't be possible if logged in from the Spektra domain.
14. Custom Portal Catalog (21st March 2024)
Feature Requirement
Separate panel for the active labs and with resume button and new tab for the retake count with launch option.
Implementation
In the custom portal's page under “My Learning” section you will be able to see the different panels for Active, Expired and retake and All labs.
checking the custom portal catalog
Active: Labs that are currently active will be displayed in the Active section, accompanied by a resume button
Expired and Retakes: In this section, labs that are currently expired and which is having retake count left can be listed
All Labs: In this section you can view the entire course list of users based on the Active/Expired and retake counts.
15. Addition of resources to the clean-up script. (22nd April 2024)
Feature Requirement
Implement the attendee resource clean-up for the below list.
- Reports
- Service Accounts
- Data Classifiers
- Automation Rule
- CICD Policy
Implementation:
- Developed the API calls for the cleanup of the resources in the Wiz Portal.
16. GCP Sandbox. (22nd April 2024)
Feature Requirement
Set up the Sandbox feature on Google Cloud Platform (GCP).
Implementation
We're extending support for the GCP Sandbox feature within CloudLabs.
Steps to enable the GCP Sanbox.
Within the cloudLabs portal, navigate to the "On-Demand Lab" section, Locate the created On-Demand Lab (ODL) and click on the "Edit" option.
Enable the Credit based allocation option inside the ODL.
Once the credit based allocation option is enabled, we need to Specify the Credit limit, add the Threshold limit for emails and Action on Credit expiry.
Credit Limit: Specify credits required to complete the Lab.
Threshold limit for the Emails: CloudLabs will be sending an email to user o Instructor based on the usage mention in the ODL. for example if the credit limit is set to 10$ and Threshold email alert is to set to 10% then User or Instructor receive alert at 1$.
Action on Credit Expiry : What action should be taken when credit expires.
Auto_Deletion: Once the instance reached the credit limit then instance will get deleted.
Stop_All_Resources: If Instances reached credit limit then it will stop the resources.
No_Action: Once the instances reached credit limit then no action will be taken on any resources and instance.
Once the Action on Credit Expiry scroll down to Click on submit to update the changes.
Note : Since cloud services provide precise cost details after 24 hours, we'll have the opportunity to receive alerts within a 24 to 48-hour window.