
September 8, 2025, Conformity: A summary of Trend Cloud One Conformity Updates for the week ending on 5 September 2025.

GCP Rules

  • ComputeEngine-021: Check for Publicly Shared Disk Images: This rule ensures that your virtual machine disk images are not publicly shared with all other Google Cloud Platform (GCP) accounts in order to avoid exposing sensitive or confidential data.
  • GKE-030: Use Confidential GKE Cluster Nodes: This rule ensures that your Google Kubernetes Engine (GKE) cluster node pools use confidential GKE nodes to encrypt all running workloads.
  • CloudRun-011: Check for the Maximum Number of Container Instances: This rule prevents uncontrolled scaling, resource exhaustion, and unexpected costs when auto-scaling.
  • CloudRun-001: Check for the Minimum Number of Container Instances: This rule ensures that your Google Cloud Run services have a sufficient number of container instances configured to minimize cold start latency and enhance performance.
  • CloudRun-003: Enable Automatic Runtime Security Updates: This rule ensures that automatic runtime security updates are enabled for your Cloud Run services in order to keep the services secure and protected against vulnerabilities without manual intervention.
  • CloudSQL-036: Enable "log_checkpoints" Flag for PostgreSQL Database Server Configuration: This rule ensures that the "log_checkpoints" database flag is enabled for all PostgreSQL database instances available within your Google Cloud Platform (GCP) account.
  • SecretManager-003: Enable Rotation Schedules for Secret Manager Secrets: This rule ensures that rotation periods are configured for all Secret Manager secrets available within your Google Cloud Platform (GCP) account to minimize the risk of unauthorized access or misuse of secrets.
  • CloudSQL-035: Enable "slow_query_log" Flag for MySQL Database Servers: This rule ensures that the "slow_query_log" database flag is enabled for your Google Cloud MySQL database instances.
  • CloudSQL-039: Enable Automatic Storage Increase: This rule ensures that the Automatic Storage Increase feature is enabled for your production Google Cloud SQL database instances.

Azure Rules

  • CosmosDB-009: Use Managed Identities for Azure Cosmos DB Accounts: This rule ensures that your Microsoft Azure Cosmos DB accounts are using system-assigned and/or user-assigned managed identities to allow secure access to other protected cloud resources such as Azure Storage accounts.