BigQuery ML supports customer-managed encryption keys (CMEK). Along with the default encryption provided by BigQuery, customers can now start using their own Cloud KMS keys for encrypting machine-learning models. We also support encrypting imported TensorFlow models.
Learn more about protecting data with Cloud KMS keys in BigQuery.
Create an encrypted model with a Cloud KMS key
To create an encrypted model, use the CREATE MODEL statement and specify KMS_KEY_NAME alongside the other training options.
CREATE MODEL my_dataset.my_model
OPTIONS(
model_type='linear_reg',
input_label_cols=['your_label'],
kms_key_name='projects/my_project/locations/my_location/keyRings/my_ring/cryptoKeys/my_key')
AS SELECT * FROM my_dataset.my_data
The same syntax also applies to TensorFlow model import.
CREATE MODEL my_dataset.my_model
OPTIONS(
model_type='tensorflow',
path='gs://bucket/path/to/saved_model/*',
kms_key_name='projects/my_project/locations/my_location/keyRings/my_ring/cryptoKeys/my_key')
AS SELECT * FROM my_dataset.my_data
Limitations
Customer-managed encryption keys have the following restrictions when encrypting machine learning models:
- Global region CMEK keys are not supported when creating DNN, Wide-and-Deep, Autoencoder, and Boosted Tree models.
- Global region CMEK keys and multi-region CMEK keys, for example eu or us, are not supported when creating AutoML Table models.
Determine if a model is protected by Cloud KMS
When a model is protected by a Cloud KMS key, the key can be shown using the bq show command. The key used for encryption is listed under kmsKeyName.
bq show -m my_dataset.my_model
You can also use the Google Cloud console to find out the Cloud KMS key for an encrypted model. Learn more about how to show Cloud KMS key in BigQuery.
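Two checks a practitioner typically wants around the Limitations and the kmsKeyName lookup above are (1) a pre-flight test that a chosen key's location is allowed for the model type, and (2) an audit that every model in a dataset carries a customer-managed key from the expected key ring. The following is an added example, not code from the BigQuery documentation or from Google. It assumes the Cloud KMS key resource-name layout shown in the CREATE MODEL statements above, that the MODEL_TYPE values dnn_classifier, dnn_regressor, dnn_linear_combined_classifier, dnn_linear_combined_regressor, autoencoder, boosted_tree_classifier, boosted_tree_regressor, automl_classifier and automl_regressor correspond to the model families named under Limitations, and that bq show --format=json -m prints the model resource with encryptionConfiguration.kmsKeyName and modelType fields; the model records are constructed inline so the script runs offline.

```python
"""Added example: CMEK pre-flight and audit helpers for BigQuery ML models.

Not part of the BigQuery documentation. The model records at the bottom are
constructed to resemble the JSON printed by `bq show --format=json -m`
(field names encryptionConfiguration.kmsKeyName and modelType are assumed).
"""
import json
import re

# Resource-name shape of a Cloud KMS key, as passed in kms_key_name above.
KEY_NAME_RE = re.compile(
    r"^projects/(?P<project>[^/]+)/locations/(?P<location>[^/]+)"
    r"/keyRings/(?P<ring>[^/]+)/cryptoKeys/(?P<key>[^/]+)$"
)

# Multi-region Cloud KMS locations named on this page (constructed list, not exhaustive).
MULTI_REGIONS = {"eu", "us"}

# MODEL_TYPE values assumed to map to the families listed under Limitations.
REJECTS_GLOBAL_KEYS = {
    "dnn_classifier", "dnn_regressor",                                   # DNN
    "dnn_linear_combined_classifier", "dnn_linear_combined_regressor",   # Wide-and-Deep
    "autoencoder",                                                       # Autoencoder
    "boosted_tree_classifier", "boosted_tree_regressor",                 # Boosted Tree
}
REJECTS_GLOBAL_AND_MULTI_REGION_KEYS = {"automl_classifier", "automl_regressor"}  # AutoML Table


def parse_key_name(kms_key_name):
    """Return the components of a Cloud KMS key resource name, or None if malformed."""
    m = KEY_NAME_RE.match(kms_key_name or "")
    return m.groupdict() if m else None


def location_kind(location):
    """Classify a KMS location as 'global', 'multi-region', or 'regional'."""
    if location == "global":
        return "global"
    if location in MULTI_REGIONS:
        return "multi-region"
    return "regional"


def key_problems_for_model(model_type, kms_key_name):
    """Pre-flight check mirroring the Limitations section: returns the reasons the
    key location is unsupported for this model type, or [] if it is acceptable."""
    parts = parse_key_name(kms_key_name)
    if parts is None:
        return ["kms_key_name is not a full Cloud KMS key resource name"]
    kind = location_kind(parts["location"])
    mt = model_type.lower()
    problems = []
    if kind == "global" and (mt in REJECTS_GLOBAL_KEYS or mt in REJECTS_GLOBAL_AND_MULTI_REGION_KEYS):
        problems.append(f"global-region key not supported for model_type {model_type}")
    if kind == "multi-region" and mt in REJECTS_GLOBAL_AND_MULTI_REGION_KEYS:
        problems.append(f"multi-region key ({parts['location']}) not supported for model_type {model_type}")
    return problems


def audit_models(model_records, expected_ring):
    """Report models that carry no customer-managed key or whose key lives outside
    expected_ring ('projects/<p>/locations/<l>/keyRings/<r>'). Returns (model_id, reason) pairs."""
    findings = []
    for rec in model_records:
        model_id = (rec.get("modelReference") or {}).get("modelId", "<unknown>")
        key = (rec.get("encryptionConfiguration") or {}).get("kmsKeyName")
        if not key:
            findings.append((model_id, "not protected by a customer-managed key"))
            continue
        parts = parse_key_name(key)
        if parts is None:
            findings.append((model_id, f"unparseable kmsKeyName: {key}"))
            continue
        ring = f"projects/{parts['project']}/locations/{parts['location']}/keyRings/{parts['ring']}"
        if ring != expected_ring:
            findings.append((model_id, f"key ring {ring} is not the expected ring"))
    return findings


# Constructed sample: three model records in the assumed `bq show -m` JSON shape.
SAMPLE_MODELS_JSON = """[
  {"modelReference": {"datasetId": "my_dataset", "modelId": "sales_reg"},
   "modelType": "LINEAR_REGRESSION",
   "encryptionConfiguration": {"kmsKeyName":
     "projects/my_project/locations/my_location/keyRings/my_ring/cryptoKeys/my_key"}},
  {"modelReference": {"datasetId": "my_dataset", "modelId": "churn_tree"},
   "modelType": "BOOSTED_TREE_CLASSIFIER"},
  {"modelReference": {"datasetId": "my_dataset", "modelId": "fraud_dnn"},
   "modelType": "DNN_CLASSIFIER",
   "encryptionConfiguration": {"kmsKeyName":
     "projects/other_project/locations/my_location/keyRings/other_ring/cryptoKeys/k"}}
]"""

EXPECTED_RING = "projects/my_project/locations/my_location/keyRings/my_ring"


def run_audit():
    """Run the audit over the constructed sample records."""
    return audit_models(json.loads(SAMPLE_MODELS_JSON), EXPECTED_RING)


if __name__ == "__main__":
    for model_id, reason in run_audit():
        print(f"{model_id}: {reason}")
    print(key_problems_for_model("boosted_tree_classifier",
                                 "projects/p/locations/global/keyRings/r/cryptoKeys/k"))
```

In practice the records for audit_models come from running bq show --format=json -m for each model in the dataset; the pre-flight check is cheap to run in CI before a CREATE MODEL job is submitted, since a rejected key location otherwise only surfaces as a failed training job.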
Change the Cloud KMS key for an encrypted model
Use the bq update command with the --destination_kms_key flag to change the key for a model protected by Cloud KMS.
bq update --destination_kms_key \
projects/my_project/locations/my_location/keyRings/my_ring/cryptoKeys/my_key \
-t my_dataset.my_model
Learn more about how to change the key in BigQuery.
Project and dataset default Cloud KMS key
Users may set up default Cloud KMS keys at the project level, the dataset level, or both. BigQuery ML also honors these default keys when creating models: when a project has a default Cloud KMS key, a model created within that project is automatically encrypted with the default key. Users can still specify their own key in the training options to encrypt the model. The same applies to a dataset that has a default key.
Learn more about setting a dataset default key in BigQuery.
Other BigQuery ML functions
All other BigQuery ML functions, including evaluation functions (ML.EVALUATE, ML.ROC_CURVE, ML.CONFUSION_MATRIX), prediction functions (ML.PREDICT), and model and feature inspection functions (ML.TRAINING_INFO, ML.FEATURE_INFO, ML.WEIGHTS, ML.CENTROIDS), can be used with an encrypted model without specifying its encryption key.