Best practice rules for GCP Vertex AI
- Default VPC Network In Use
Ensure that the default VPC network is not being used for your Vertex AI notebook instances.
- Disable Root Access for Workbench Instances
Ensure root access is disabled for your Vertex AI notebook instances.
- Enable Automatic Upgrades for Workbench Instances
Ensure that automatic upgrades are enabled for your Vertex AI notebook instances.
- Enable Cloud Monitoring for Workbench Instances
Ensure that the Cloud Monitoring feature is enabled for your Vertex AI notebook instances.
- Enable Idle Shutdown for Workbench Instances
Ensure that the Idle Shutdown feature is enabled for your Vertex AI notebook instances.
- Enable Integrity Monitoring for Workbench Instances
Ensure that the Integrity Monitoring feature is enabled for your Vertex AI notebook instances.
- Enable Secure Boot for Workbench Instances
Ensure that Secure Boot is enabled for your Vertex AI notebook instances.
- Enable Virtual Trusted Platform Module (vTPM) for Workbench Instances
Ensure that the vTPM feature is enabled for your Vertex AI notebook instances.
- Prevent Assigning External IPs to Workbench Instances
Ensure that external IP addresses are not assigned to Vertex AI notebook instances.
- Vertex AI Dataset Encryption with Customer-Managed Encryption Keys
Ensure that Vertex AI datasets are encrypted using Customer-Managed Encryption Keys (CMEKs) (Not Scored).
- Workbench Instance Encryption with Customer-Managed Encryption Keys
Ensure that Vertex AI notebook instances are encrypted using Customer-Managed Encryption Keys (CMEKs).