March 24, 2026, Conformity: A summary of Trend Cloud One Conformity Updates for the week ending on 20 March 2026.
New Rules
Azure
-
Databricks-006: Use Network Security Groups: This rule ensures that your Azure Databricks workspaces are using Network Security Groups (NSGs) for traffic control.
-
Databricks-007: Configure Diagnostic Log Delivery for Azure Databricks: This rule ensures that diagnostic log delivery is configured for Azure Databricks workspaces.
-
KeyVault-020: Check for Certificate Validity Period: This rule ensures that certificates stored in Azure Key Vault are valid for 12 months or less.
GCP
-
Spanner-003: Enable Customer-Managed Encryption Keys (CMEK) for Cloud Spanner Backups: This rule ensures that Google Cloud Spanner backups use customer-managed encryption keys (CMEK) through Cloud KMS rather than default Google-managed encryption.
Updated Rules
The following rule updates may affect your checks and compliance scores:
AWS
-
EKS-001: EKS Cluster Endpoint Public Access: Updated to ensure that AWS EKS cluster endpoint access is not public and prone to security risks.
-
EKS-006: Enable Support for Network Policies: Updated to ensure that EKS clusters are using network policies for proper segmentation and security.
-
EKS-008: Ensure EKS Clusters Are Created with Private Nodes: Updated to ensure that Amazon EKS cluster nodes are configured with private IP addresses only, without public IP addresses assigned.