December 15, 2025, Conformity: A summary of Trend Cloud One Conformity Updates for the week ending on 6 December 2025.
New Rules
- OCI
  - OCI-BlockVolume-003: Check for Volume Performance Units (VPUs): This rule ensures that Volume Performance Units (VPUs) in your OCI Block Volumes settings are configured appropriately for workload requirements.
  - OCI-BlockVolume-007: Enable Cross-Region Volume Replication: This rule ensures that Cross-Region Volume Replication for Oracle Cloud Infrastructure (OCI) Block Volumes is enabled to automatically and consistently copy your data to another OCI region.
  - OCI-BlockVolume-004: Enable Performance-Based Autotuning for Block Volumes: This rule ensures that performance-based autotuning is enabled for your Oracle Cloud Infrastructure (OCI) Block Volumes to automatically scale the volume's performance up or down based on real-time workload demands. This ensures that applications receive optimal performance during peak usage while simultaneously optimizing cost by reducing performance during low-usage periods.
  - OCI-FileStorage-004: Check for Availability Domain Alignment: This rule ensures that Oracle Cloud Infrastructure (OCI) File Storage systems are provisioned in the same availability domain as their consuming compute instances.
  - OCI-Compute-007: Enable Compute Instance Monitoring: This rule ensures that compute instance monitoring is enabled for your Oracle Cloud Infrastructure (OCI) compute instances to track performance metrics, detect anomalies, and quickly identify potential security or operational issues.
- GCP
  - DocumentAI-005: Use Customer-Managed Encryption Keys for Document AI: This rule ensures that Document AI data uses a Customer-Managed Encryption Key (CMEK) instead of a Google-managed encryption key.
- AWS
  - Bedrock-012: Configure Permissions Boundaries for IAM Identities used by Amazon Bedrock: This rule ensures that permissions boundaries are set for IAM identities and roles used by Amazon Bedrock to control the maximum permissions.
  - Bedrock-011: Enable Model Invocation Logging: This rule ensures that model invocation logging is enabled for the Amazon Bedrock service to collect metadata, requests, and responses for all model invocations in your AWS cloud account.
- Azure
  - MachineLearning011: Check for Appropriate SSH Admin Public Key Management: This rule ensures that the SSH admin public key is properly configured when SSH is enabled.
  - AIServices-018: Azure AI Foundry Network Access Restriction: This rule ensures that only allowed networks can access the Azure AI Foundry resources deployed across your organization.
