Use the Conformity Knowledge Base AI to help improve your Cloud Posture

Enable Secure Boot for Notebook Instances

Trend Micro Cloud One™ – Conformity is a continuous assurance tool that provides peace of mind for your cloud infrastructure, delivering over 750 automated best practice checks.

Risk Level: Medium (should be achieved)
Rule ID: VertexAI-003

Ensure that the Secure Boot security feature is enabled for your Vertex AI notebook instances in order to protect them against malware and rootkits. Secure Boot helps ensure that the system runs only authentic software by verifying the digital signature of all boot components, and halts the boot process if the signature verification fails. Secure Boot is disabled by default because of the third-party unsigned kernel modules that can't be loaded when the feature is enabled. If you don't use third-party unsigned kernel modules, it is highly recommended to enable Secure Boot for your Vertex AI notebook instances.

This rule resolution is part of the Conformity Security & Compliance tool for GCP.

Security

Enabling Secure Boot for Vertex AI notebook instances enhances security by ensuring that only authorized software is executed. This protects against boot-level and kernel-level malware, including rootkits, thereby strengthening the overall security of your AI workloads.


Audit

To determine if your Vertex AI notebook instances are protected with Secure Boot, perform the following operations:

Using GCP Console

01 Sign in to the Google Cloud Management Console.

02 Select the GCP project that you want to examine from the console top navigation bar.

03 Navigate to Vertex AI console available at https://console.cloud.google.com/vertex-ai.

04 In the main navigation panel, under NOTEBOOKS, choose Workbench, and select the INSTANCES tab.

05 Choose View: INSTANCES to list the Vertex AI notebook instances created for the selected GCP project.

06 Click on the name (link) of the notebook instance that you want to examine.

07 Select the SOFTWARE AND SECURITY tab and check the Secure boot feature status. If the Secure boot status is set to Disabled, the Secure Boot security feature is not enabled for the selected Vertex AI notebook instance.

08 Repeat steps no. 6 and 7 for each Vertex AI notebook instance launched for the selected GCP project.

09 Repeat steps no. 2 – 8 for each project deployed within your Google Cloud account.

Using GCP CLI

01 Run projects list command (Windows/macOS/Linux) with custom query filters to list the ID of each project available in your Google Cloud account:

gcloud projects list
  --format="table(projectId)"

02 The command output should return the requested GCP project ID(s):

PROJECT_ID
cc-vertex-project-123123
cc-appdata-project-112233

03 Run workbench instances list command (Windows/macOS/Linux) with the ID of the GCP project that you want to examine as the identifier parameter, to describe the name of each Vertex AI notebook instance created for the selected project:

gcloud workbench instances list
  --project cc-vertex-project-123123
  --location=us-central1-a
  --format="(NAME)"

04 The command output should return the requested notebook instance names:

NAME: tm-vertex-ai-notebook-instance
NAME: tm-development-notebook-instance

05 Run workbench instances describe command (Windows/macOS/Linux) with the name of the Vertex AI notebook instance that you want to examine as the identifier parameter and custom output filters to describe the Secure Boot feature status for the selected instance:

gcloud workbench instances describe tm-vertex-ai-notebook-instance
  --location=us-central1-a
  --format="yaml(gceSetup.shieldedInstanceConfig.enableSecureBoot)"

06 The command output should return the feature configuration status:

gceSetup:
	shieldedInstanceConfig: {}

If the workbench instances describe command output returns null, Secure Boot is not enabled for the selected instance. If the command output returns an empty object (i.e. {}) or an object without enableSecureBoot: true for the gceSetup.shieldedInstanceConfig configuration attribute, as shown in the output example above, the Secure Boot feature is not enabled for the selected Vertex AI notebook instance.

07 Repeat steps no. 5 and 6 for each Vertex AI notebook instance provisioned for the selected GCP project.

08 Repeat steps no. 3 – 7 for each GCP project deployed in your Google Cloud account.

Remediation / Resolution

To enable the Secure Boot security feature for your Google Cloud Vertex AI notebook instances, perform the following operations:

Enabling Secure Boot for Vertex AI notebook instances using Google Cloud Platform (GCP) console is not currently supported.

Using GCP CLI

01 Vertex AI notebook instances must be stopped before updating the shielded_instance_config configuration parameters. To stop your notebook instance, run workbench instances stop command (Windows/macOS/Linux) with the name of the instance that you want to stop as the identifier parameter:

gcloud workbench instances stop tm-vertex-ai-notebook-instance
  --location=us-central1-a
  --format="yaml(state)"

02 The command output should return the new operational status for the selected notebook instance:

Waiting for operation on Instance [tm-vertex-ai-notebook-instance] to be updated with [projects/cc-vertex-project-123123/locations/us-central1-a/operations/operation-abcd1234abcd-abcd1234abcd-abcd1234-abcd1234]...done.
Updated workbench instance tm-vertex-ai-notebook-instance [https://notebooks.googleapis.com/v2/projects/cc-vertex-project-123123/locations/us-central1-a/operations/operation-abcd1234abcd-abcd1234abcd-abcd1234-abcd1234].

state: STOPPED

03 Run workbench instances update command (Windows/macOS/Linux) with the name of the Vertex AI notebook instance that you want to update as the identifier parameter, to enable the Secure Boot feature for the selected notebook instance:

gcloud workbench instances update tm-vertex-ai-notebook-instance
  --location=us-central1-a
  --shielded-secure-boot true
  --format="yaml(gceSetup.shieldedInstanceConfig.enableSecureBoot)"

04 The command output should return the current status of the Secure Boot feature:

Waiting for operation on Instance [tm-vertex-ai-notebook-instance] to be updated with [projects/cc-vertex-project-123123/locations/us-central1-a/operations/operation-abcd1234abcd-abcd1234abcd-abcd1234-abcd1234]...done.
Updated workbench instance tm-vertex-ai-notebook-instance [https://notebooks.googleapis.com/v2/projects/cc-vertex-project-123123/locations/us-central1-a/operations/operation-abcd1234abcd-abcd1234abcd-abcd1234-abcd1234].

gceSetup:
	shieldedInstanceConfig:
	enableSecureBoot: true

05 To restart your Vertex AI notebook instance, run workbench instances start command (Windows/macOS/Linux) with the name of the instance that you want to start as the identifier parameter:

gcloud workbench instances start tm-vertex-ai-notebook-instance
  --location=us-central1-a
  --format="yaml(state)"

06 The command output should return the new status of the selected notebook instance:

Waiting for operation on Instance [tm-vertex-ai-notebook-instance] to be updated with [projects/cc-vertex-project-123123/locations/us-central1-a/operations/operation-abcd1234abcd-abcd1234abcd-abcd1234-abcd1234]...done.
Updated workbench instance tm-vertex-ai-notebook-instance [https://notebooks.googleapis.com/v2/projects/cc-vertex-project-123123/locations/us-central1-a/operations/operation-abcd1234abcd-abcd1234abcd-abcd1234-abcd1234].

state: PROVISIONING

07 Repeat step no. 1 – 6 for each Vertex AI notebook instance that you want to update, created for the selected GCP project.

08 Repeat steps no. 1 – 7 for each GCP project deployed in your Google Cloud account.

References

Publication date Jul 8, 2024

Unlock the Remediation Steps


Free 30-day Trial

Automatically audit your configurations with Conformity
and gain access to our cloud security platform.

Confirmity Cloud Platform

No thanks, back to article

You are auditing:

Enable Secure Boot for Notebook Instances

Risk Level: Medium