GRC Store

Search / finos-ccc/ccc.vm.cp / v2026.06-rc4

Release · v2026.06-rc4

FINOS-CCC/CCC.VM.CP Capability Catalog

FINOS-CCC/CCC.VM.CP

Capabilities for Virtual Machines technologies, as defined by the FINOS Common Cloud Controls project.

Published by FINOS Common Cloud Controls

Install

OCI v1.1
$grcli unpack --repository finos-ccc/ccc.vm.cp --tag v2026.06-rc4
Coordinate
oci.grc.store/finos-ccc/ccc.vm.cp:v2026.06-rc4
Manifest digest
sha256:f3a227fe539e334c4ea804b7cc38dbb1dcf22695381a871c70a282cd4f21a29b

Provenance

1 layer
Digest Media type Size
155c6dd50761… application/vnd.gemara.artifact.v1+yaml 9.8 KiB
Bundle config blob 
{
  "bundle-version": "1.0",
  "gemara-version": "v1.2.0",
  "metadata": {
    "provenance": {
      "buildDefinition": {
        "buildType": "https://grc.store/grcli/buildtype/v0",
        "externalParameters": {
          "artifact": {
            "id": "CCC.VM.CP",
            "type": "CapabilityCatalog"
          },
          "target": {
            "registry": "oci.grc.store",
            "repository": "finos-ccc/ccc.vm.cp",
            "tag": "v2026.06-rc4"
          }
        },
        "internalParameters": {
          "CI": "true",
          "GITHUB_ACTIONS": "true",
          "GITHUB_ACTOR": "eddie-knight",
          "GITHUB_REF": "refs/heads/main",
          "GITHUB_REPOSITORY": "eddie-knight/common-cloud-controls",
          "GITHUB_RUN_ATTEMPT": "1",
          "GITHUB_RUN_ID": "26770748733",
          "GITHUB_SHA": "2b6dab4c1307a0ac67d90c99829f6c1825154c84",
          "GITHUB_WORKFLOW": "Batch Release All Catalogs",
          "RUNNER_OS": "Linux"
        },
        "resolvedDependencies": [
          {
            "name": "artifacts/compute/virtual-machines/capabilities.yaml",
            "uri": "file://artifacts/compute/virtual-machines/capabilities.yaml",
            "digest": {
              "sha256": "155c6dd50761c71f647289bb68f1699fdea8a361818c168eab5c5545f6079e90"
            }
          },
          {
            "name": "source",
            "uri": "git+https://github.com/eddie-knight/common-cloud-controls@2b6dab4c1307a0ac67d90c99829f6c1825154c84",
            "digest": {
              "gitCommit": "2b6dab4c1307a0ac67d90c99829f6c1825154c84"
            }
          }
        ]
      },
      "runDetails": {
        "builder": {
          "id": "https://github.com/eddie-knight/common-cloud-controls/actions/runs/26770748733",
          "version": {
            "go": "go1.25.0",
            "go-arch": "amd64",
            "go-os": "linux",
            "grcli": "v0.2.2"
          }
        },
        "metadata": {
          "invocationId": "26770748733-1",
          "startedOn": "2026-06-01T17:27:48.512075152Z",
          "finishedOn": "2026-06-01T17:27:48.734916207Z"
        },
        "byproducts": [
          {
            "name": "capabilities.yaml",
            "digest": {
              "sha256": "155c6dd50761c71f647289bb68f1699fdea8a361818c168eab5c5545f6079e90"
            }
          }
        ]
      }
    }
  },
  "artifacts": [
    {
      "name": "capabilities.yaml",
      "type": "CapabilityCatalog",
      "id": "CCC.VM.CP",
      "role": "artifact"
    }
  ]
}

CCC Virtual Machines Capabilities

Capabilities for Virtual Machines technologies, as defined by the FINOS Common Cloud Controls project.

ID
CCC.VM.CP
Version
v2026.06-rc4
Gemara version
v1.2.0
Author
FINOS Common Cloud Controls

Compute

The Compute group covers entries related to processing, execution, and runtime infrastructure. This includes CPU, memory, storage allocation, network ports, command-line interfaces, and elastic scaling.

  1. CCC.VM.CP01 General Purpose Instances

    Provides a computing instance that provides a balance of compute, memory and networking resources. They are suitable for a wide range of applications.

  2. CCC.VM.CP02 Compute Optimized Instances

    Provides instances that are suited for compute-bound applications that benefits from high performance processors such as batch processing workloads, media transcoding and high performance web servers.

  3. CCC.VM.CP03 Memory Optimized Instances

    Provides instances that are suited for memory intensive applications such as high performance databases, in-memory caches, and real-time big data analytics.

  4. CCC.VM.CP04 Storage Optimized Instances

    Provides instances that are optimized for applications that require high, sequential read and write access to large datasets on local storage such as distributed file systems, data warehousing applications, and high-frequency online transaction processing (OLTP) systems.

  5. CCC.VM.CP05 Accelerated Computing Instances

    Provides instances that use hardware accelerator, or co-processors, such as GPU to perform functions such as floating-point number calculations, graphics processing, or data pattern matching more efficiently.

  6. CCC.VM.CP06 Preemptible Instances

    Providing the option for using preemptible virtual machine (spot) instances at a lower cost for non-critical or fault-tolerant workloads that may be terminated by the cloud provider after a notice period.

  7. CCC.VM.CP07 Dedicated Instances

    Ability to reserve a physical server dedicated to a single customer for regulatory compliance.

  8. CCC.VM.CP10 VM Images

    Provides templates to create new virtual machines. They usually includes operating system, configuration settings and installed applications.

  9. CCC.VM.CP11 Custom Images

    Ability to create virtual machines with images what are created and owned by the customer which are only available within the subscription of the customer.

  10. CCC.VM.CP14 Isolated Secure Environments

    Providing an isolated "enclave" within a virtual machine for processing highly sensitive data such as personal identifiable information, healthcare data and intellectual property. These enclaves are fully isolated from the parent EC2 instance, with no persistent storage, no interactive access, and no external networking.

  11. CCC.VM.CP15 Nested Virtualization

    Ability to create and manage virtual machines within instances.

  12. CCC.VM.CP18 Instance Templates

    Offering templates for provisioning virtual machine instances with pre-configured images, instance types, and network configurations.

  13. CCC.VM.CP19 Bootstrap Scripts

    Ability to provide bootstrap scripts to a VM to run during the instance boot process.

  14. CCC.VM.CP20 Instance Affinity/Anti-affinity

    Enabling control over the location of virtual machine instances to ensure or prevent co-location on the same physical hardware.

  15. CCC.VM.CP22 Instance Remote Access

    Offering remote access to virtual machine instances through methods such as SSH or RDP for troubleshooting, debugging, and maintenance purposes.

  16. CCC.VM.CP23 Instance Live Migration

    Ability to perform live migration of virtual machine instances between physical hosts for maintenance or load balancing purposes without downtime.

Resource Management

The Resource Management group covers entries related to the lifecycle, configuration, and operational integrity of cloud resources. This includes resource exhaustion, tag manipulation, version rollback, scaling, and cost management.

  1. CCC.VM.CP08 Vertical Scaling

    Ability to increase or decrease resources such as cpu, memory, and storage of an existing virtual machine instance.

  2. CCC.VM.CP09 Horizontal Scaling

    Ability to add or remove VM instances assigned to the application to handle increased or decreased workload.

  3. CCC.VM.CP13 Patch Management

    Offering patch management services and compatibility with third-party patch management tools to keep virtual machine instances up to date with security patches and updates.

  4. CCC.VM.CP16 Instance Metadata

    Providing metadata about virtual machine instances for configuration and management purposes.

Data Resilience

The Data Resilience group covers entries related to ensuring data availability, integrity, and sovereignty across its lifecycle. This includes replication, backup, recovery, region restrictions, and protection against data loss or corruption.

  1. CCC.VM.CP12 Interoperability with Storage Options

    Capability to read/write to non-ephemeral external storage including object storage and encrypted block storage.

  2. CCC.VM.CP17 Instance Snapshots

    Creation of snapshots of virtual machine instances to capture and preserve state and data for backup and cloning purposes.

Observability

The Observability group covers entries related to logging, monitoring, metrics, alerting, and event publication. This includes audit trail integrity, enumeration detection, and protection against tampering or unauthorized access to operational telemetry.

  1. CCC.VM.CP21 Instance Health Checks

    Exposing health checks on virtual machine instances so that unhealthy instances can be automatically replaced or repaired.

Encryption

The Encryption group covers entries related to protecting data confidentiality and integrity through cryptographic mechanisms. This includes encryption in transit and at rest, key management, and certificate lifecycle management.

  1. CCC.VM.CP24 TPM Support

    Providing support for Trusted Platform Module (TPM) for hardware-based security capabilities such as secure boot and cryptographic key storage.