January 22, 2022, Conformity—The following features and updates are now available with Conformity's latest release on 27 January 2022.
  • Conformity now supports CIS Benchmarks for AWS Foundations 1.4 Standard and Framework report.
  • Added a new property to ‘GET /v1/azure/active-directories/{id}/subscriptions’ to indicate whether or not a subscription has been onboarded onto Conformity.
  • Enhanced Rule Settings > Configure Rule at the account level to exclude matched resources between Conformity Bot runs.
Bug Fixes
  • Fixed an issue where a longer account name displayed a broken HTML tag on the RTM dashboard.
  • Fixed incorrect sample requests for the 'Update Rule Setting' and the 'Update Rule Settings' APIs.
  • Fixed an issue where reports generated in "Improve compliance across your organisation" were not saved in the ‘Other Reports - History’ section.
Custom Policy Updates
New Rules
GCP
  • ComputeEngine-005: Enable "Shielded VM" Security Feature: This rule ensures that the ‘Shielded VM’ feature is enabled for your virtual machine (VM) instances.
  • ComputeEngine-006: Check for Instances Associated with Default Service Accounts: This rule ensures that your VM instances are not associated with the default GCP service account.
  • ComputeEngine-008: Check for Instance-Associated Service Accounts with Full API Access: This rule ensures that VM instances are not associated with default service accounts that allow full access to all Google Cloud APIs.
  • CloudIAM-003: Check for IAM Members with Service Roles at the Project Level: This rule ensures that the Service Account User and Service Account Token Creator roles are assigned to a user for a specific GCP service account rather than to a user at the GCP project level.
Bug Fix
  • S3-025: S3 Buckets Encrypted with Customer-Provided CMKs: Fixed a bug where the disabled rule was generating checks.