April 13, 2026, Conformity: A summary of Trend Cloud One Conformity updates for the week ending on 10 April 2026.
New Rules
AWS
-
BedrockAgentCore-001: Require MMDSv2 for AgentCore Runtime: This rule ensures that Amazon Bedrock AgentCore runtimes require MicroVM Metadata Service Version 2 (MMDSv2) to protect against Server-Side Request Forgery (SSRF) attacks.
-
BedrockAgentCore-002: Protect AgentCore Runtime with VPC: This rule ensures that Amazon Bedrock AgentCore runtimes are deployed within a Virtual Private Cloud (VPC) to isolate network traffic and restrict access to private resources.
-
Config-006: AWS Config Aggregator Source Status: This rule ensures that AWS Config Aggregator sources successfully collect configuration and compliance data from all designated accounts and regions.
GCP
-
BigQuery-004: Enable Column-Level Data Masking for BigQuery Tables with Sensitive Data: This rule ensures that Google Cloud BigQuery tables implement column-level data masking policies to protect sensitive data by selectively obscuring it based on user roles and permissions.
OCI
-
OCI-Functions-006: Check for Service Gateway Configuration for Private Function Access: This rule ensures that Virtual Cloud Networks (VCNs) containing OCI Functions applications have a service gateway configured to enable private communication with Oracle Services Network.