
VPC service controls and CMEK for Generative AI

https://cloud.google.com/vertex-ai/docs/general/features#genai

According to the above link, Generative AI on Vertex AI supports CMEK and VPC Service Controls. However, I don't see how we can actually use these two security controls with Gen AI. I looked into the docs, I tested on Google, but I couldn't find a way to use these two security controls. If anyone has used CMEK and/or VPC Service Controls with Gen AI, please enlighten me also.

2 REPLIES

Here is some general information on how you might use Cloud Managed Encryption Keys (CMEK) and VPC Service Controls with Google Cloud's Vertex AI for security purposes.

Cloud Managed Encryption Keys (CMEK) allows you to use your own encryption keys to protect your data. This can be helpful for securing data used by Vertex AI. To set up CMEK for Vertex AI, you would typically follow these steps:

Establish Key Ring and Key: Create a key ring and corresponding key through Google Cloud's Key Management Service (KMS) to govern encryption keys.

Delegate Key Access: Ensure that the requisite service accounts or users possess access privileges to these keys.

Configure Vertex AI Resources: Adapt your Vertex AI assets, such as storage repositories or training processes, to utilize keys from your Key Ring.

Monitoring and Auditing: Set up a monitoring and auditing system to oversee the application and utilization of encryption keys.

 

VPC Service Controls introduce heightened security for Google Cloud services by setting up protective perimeters around assets, including Vertex AI. To employ VPC Service Controls for Vertex AI:

Formulate a VPC Service Perimeter: Create a defined security boundary encompassing your Vertex AI resources.

Specify Access Levels: Define the levels of access within the perimeter, stipulating which resources can be accessed and the authorized sources.

Enforce the Perimeter: Assign the VPC Service Perimeter to your Vertex AI resources to constrict resource access.

Validate and Monitor: Test the configuration to validate its ability to restrict access as intended and arrange continuous monitoring to identify security breaches.

Remember that the precise configurations may fluctuate contingent on your organization's distinct security protocols and prerequisites. To ensure the accurate implementation of CMEK and VPC Service Controls with Vertex AI tailored to your security needs, it is advisable to reference Google Cloud's documentation or seek support from their assistance or a dedicated security professional.
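The "Monitoring and Auditing" and "Validate and Monitor" steps in the reply above can be checked mechanically. The following is an added example, not part of the original posts and not Google's code: it audits exported resource JSON, assuming the Vertex AI `encryptionSpec.kmsKeyName` field and the Access Context Manager `status.resources` / `status.restrictedServices` fields, and all project, key and perimeter values in it are constructed.

```python
import re

# Resource-name shapes used by Cloud KMS keys and Vertex AI resources.
KEY_RE = re.compile(r"^projects/[^/]+/locations/([^/]+)/keyRings/[^/]+/cryptoKeys/[^/]+$")
RES_RE = re.compile(r"^projects/[^/]+/locations/([^/]+)/")
VERTEX_API = "aiplatform.googleapis.com"

def audit_cmek(resources):
    """Return (resource name, problem) for resources without a usable CMEK key."""
    findings = []
    for res in resources:
        name = res.get("name", "")
        key = (res.get("encryptionSpec") or {}).get("kmsKeyName", "")
        res_m, key_m = RES_RE.match(name), KEY_RE.match(key)
        if not key:
            findings.append((name, "no CMEK key set"))
        elif not key_m:
            findings.append((name, "malformed key name"))
        elif res_m and key_m.group(1) != res_m.group(1):
            # Assumption: the key must live in the same location as the resource.
            findings.append((name, "key location differs from resource location"))
    return findings

def audit_perimeter(perimeter, project_number):
    """Return problems that leave the project's Vertex AI API outside the perimeter."""
    status = perimeter.get("status") or {}  # enforced config; dry-run lives in "spec"
    problems = []
    if f"projects/{project_number}" not in status.get("resources", []):
        problems.append("project not in perimeter")
    if VERTEX_API not in status.get("restrictedServices", []):
        problems.append(f"{VERTEX_API} not restricted")
    return problems

# Constructed sample data, shaped like API/gcloud JSON output.
KEY = "projects/demo-kms/locations/us-central1/keyRings/vertex/cryptoKeys/genai"
SAMPLE_RESOURCES = [
    {"name": "projects/123456789/locations/us-central1/endpoints/111",
     "encryptionSpec": {"kmsKeyName": KEY}},
    {"name": "projects/123456789/locations/us-central1/datasets/222"},
    {"name": "projects/123456789/locations/europe-west4/models/333",
     "encryptionSpec": {"kmsKeyName": KEY}},
]
SAMPLE_PERIMETER = {
    "name": "accessPolicies/000/servicePerimeters/demo",
    "status": {"resources": ["projects/123456789"],
               "restrictedServices": ["storage.googleapis.com"]},
}

if __name__ == "__main__":
    for finding in audit_cmek(SAMPLE_RESOURCES):
        print("CMEK:", *finding)
    for problem in audit_perimeter(SAMPLE_PERIMETER, "123456789"):
        print("VPC-SC:", problem)
```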

How can I use CMEK and VPC Service controls with Generative AI in Vertex? Do you know the steps, or can you share a link? I need it specifically for Generative AI.