Claude Compliance Collector prerequisites

Views:

Before deploying the Claude Compliance Collector, make sure you have the required accounts, API credentials, and AWS access in place.

Claude Enterprise Plan

The Anthropic Compliance API is only available on the Claude Enterprise plan. Verify that your organization has an active Claude Enterprise subscription before continuing.

The Compliance API must be enabled for your organization before you can generate a Compliance Access Key. A Claude Enterprise Primary Owner can enable it by going to Organization settings → Data and privacy and selecting Enable under Compliance API.

Anthropic Compliance Access Key

The Compliance Access Key allows the collector to read chat activity and message content from your organization's Claude usage.

The key requires the following scopes:

read:compliance_activities — access to the Activity Feed for chat discovery
read:compliance_user_data — access to retrieve chat message content

To generate the key, see Get access to the Compliance API in the Claude API docs.

TrendAI Vision One™ API key

The TrendAI Vision One™ API key enables the collector to forward chat content to AI Guard for policy scanning. The key requires the AI Guard - Call detection API permission.

For instructions on generating the API key, see Add an API key.

TrendAI Vision One™ Regional Base URL

Select the base URL that corresponds to your TrendAI Vision One™ regional deployment. You can confirm your region by checking the URL when signed in to TrendAI Vision One™ — the region code in the URL matches the API subdomain.

Region	Base URL
United States	`https://api.xdr.trendmicro.com`
Europe	`https://api.eu.xdr.trendmicro.com`
Australia	`https://api.au.xdr.trendmicro.com`
Japan	`https://api.jp.xdr.trendmicro.com`
Singapore	`https://api.sg.xdr.trendmicro.com`
India	`https://api.in.xdr.trendmicro.com`

AWS Account

The collector deploys as an AWS CloudFormation stack. Verify the following before deployment:

You have an AWS account with permission to create CloudFormation stacks, Lambda functions, SQS queues, EventBridge schedules, Secrets Manager secrets, IAM roles, and CloudWatch Log Groups.
The AWS region you deploy into meets your data residency requirements.

Important

Kubernetes deployment support is planned for a future release. AWS is the only supported deployment environment in this release.

AI Guard Policy

The Claude Compliance Collector forwards Claude conversation content to AI Guard for scanning. Before deploying the collector, configure an AI Guard scan policy to define what to scan for. For instructions, see Integrate Trend-hosted AI Guard.

Important

Only Trend-hosted AI Guard is supported. Self-hosted AI Guard is not supported in this release.