February 16, 2022, Conformity—The following features and updates are now available with Conformity's latest release on 16 February 2022.
Bug Fix
Custom Policy Updates
New Rules
GCP
  • CloudSQL-015: Check for Publicly Accessible Cloud SQL Database Instances: This rule ensures that your Google Cloud SQL database instances are configured to accept connections from trusted networks and IP addresses only.
  • ComputeEngine-007: Enable VM Disk Encryption with Customer-Supplied Encryption Keys: This rule ensures that the disks attached to your production Google Compute Engine instances are encrypted with Customer-Supplied Encryption Keys (CSEKs).
  • CloudIAM-004: Delete User-Managed Service Account Keys: This rule ensures that VM instances are not associated with default service accounts that allow full access to all Google Cloud APIs.
Rules Updates
  • Firehose-001: Firehose Delivery Stream Destination Encryptions: This rule has been updated to specify the relevant encryption type. The rule ensures that Firehose delivery stream data records are encrypted at the destination.
  • Lambda-001: Lambda Runtime Environment Version: Customers can now configure the end-of-support runtime in the rule settings.
Rule Bug Fixes
  • ECS-002: ECS Task Log Driver In Use: Fixed a bug where the disabled rule was generating checks.
  • ECS-003: ECS Configuration Changes: We've fixed a bug where Conformity Bot was unable to correctly scan ECS Clusters.