BigQuery ML supports customer-managed encryption keys (CMEK). Along with the default encryption provided by BigQuery, customers can now start using their own Cloud KMS keys for encrypting ML models. We also support encrypting imported TensorFlow models.
Learn more about protecting data with Cloud KMS keys in BigQuery.
Create an encrypted model with a Cloud KMS key
To create an encrypted model, use the
statement and specify
KMS_KEY_NAME in the training options, among others.
CREATE MODEL my_dataset.my_model OPTIONS( model_type='linear_reg', input_label_cols=['your_label'], kms_key_name='projects/my_project/locations/my_location/keyRings/my_ring/cryptoKeys/my_key') AS SELECT * FROM my_dataset.my_data
The same syntax also applies to Tensorflow model import.
CREATE MODEL my_dataset.my_model OPTIONS( model_type='tensorflow', path='gs://bucket/path/to/saved_model/*', kms_key_name='projects/my_project/locations/my_location/keyRings/my_ring/cryptoKeys/my_key') AS SELECT * FROM my_dataset.my_data
Determine if a model is protected by Cloud KMS
When a model is protected by Cloud KMS key, the key can be shown using
bq show command. The key used for encryption can be found under
bq show -m my_dataset.my_model
You can also use BigQuery UI to find out the Cloud KMS key for an encrypted model. Learn more about how to show Cloud KMS key in BigQuery.
Change the Cloud KMS key for an encrypted model
bq update command with the
--destination_kms_key flag to change the
key for a table protected by Cloud KMS.
bq update --destination_kms_key \ projects/my_project/locations/my_location/keyRings/my_ring/cryptoKeys/my_key \ -t my_dataset.my_model
Learn more about how to change the key in BigQuery.
Project and dataset default Cloud KMS key
Users may set up default Cloud KMS keys at the project level and/or the dataset level in BigQuery. In BigQuery ML, these default keys are also supported when creating models. When a project has a default Cloud KMS key, the model created within this project is automatically encrypted by the default key. User can also specify their own keys in training options to encrypt the model. The same applies to the dataset that has a default key.
Learn more about setting a dataset default key in BigQuery.
Other BigQuery ML functions
All other BigQuery ML functions, including evaluation functions
prediction functions (
model and feature inspection functions
can be used with an encrypted model without the need of specifying its