This document describes best practices and guidelines for Virtual Private Cloud (VPC) when running generative AI workloads on Google Cloud. Use VPC with Vertex AI to isolate your AI resources from the internet in a secure environment. This network configuration helps protect sensitive data and models from unauthorized access and potential cyberattacks.
You can define granular firewall rules and access controls within your VPC network to restrict traffic and only allow authorized connections to specific resources.
Organize your Vertex AI resources into separate VPC networks based on function or security requirements. This type of organization helps isolate resources and prevents unauthorized access between different projects or teams. You can create dedicated VPC networks for sensitive workloads, such as training models with confidential data, ensuring that only authorized users and services have network access.
You can use Cloud VPN or Cloud Interconnect to establish a secure network connection between your on-premises infrastructure and your Vertex AI environment. Either option enables seamless data transfer and communication between your private network and Google Cloud resources. Consider this integration for scenarios such as accessing on-premises data for model training or deploying models to on-premises resources for inference.
Required VPC controls
The following controls are strongly recommended when using VPC.
Block default network creation
| Google control ID | VPC-CO-6.1 |
|---|---|
| Category | Required |
| Description | The compute.skipDefaultNetworkCreation boolean constraint skips the creation of the default network and related resources when creating Google Cloud projects. By default, a network is automatically created with firewall rules and network configurations which might not be considered secure. |
| Applicable products | |
| Path | constraints/compute.skipDefaultNetworkCreation |
| Value | |
| Type | Boolean |
| Related NIST-800-53 controls | |
| Related CRI profile controls | |
| Related information | |
Define list of VM instances that are permitted external IP addresses
| Google control ID | VPC-CO-6.2 |
|---|---|
| Category | Required |
| Description | The compute.vmExternalIpAccess list constraint defines the set of Compute Engine VM instances that can have external IP addresses. This constraint isn't retroactive. |
| Applicable products | |
| Path | constraints/compute.vmExternalIpAccess |
| Operator | = |
| Value | |
| Type | List |
| Related NIST-800-53 controls | |
| Related CRI profile controls | |
| Related information | |
Define VM instances that can enable IP forwarding
| Google control ID | VPC-CO-6.3 |
|---|---|
| Category | Required |
| Description | The compute.vmCanIpForward constraint defines the VM instances that can enable IP forwarding. By default, any VM can enable IP forwarding in any virtual network. Specify VM instances using one of the following formats: |
| Applicable products | |
| Path | constraints/compute.vmCanIpForward |
| Operator | = |
| Value | |
| Type | List |
| Related NIST-800-53 controls | |
| Related CRI profile controls | |
| Related information | |
Disable VM-nested virtualization
| Google control ID | VPC-CO-6.6 |
|---|---|
| Category | Required |
| Description | The compute.disableNestedVirtualization boolean constraint disables hardware-accelerated nested virtualization for Compute Engine VMs. |
| Applicable products | |
| Path | constraints/compute.disableNestedVirtualization |
| Operator | Is |
| Value | |
| Type | Boolean |
| Related NIST-800-53 controls | |
| Related CRI profile controls | |
| Related information | |
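The following audit script is an added example, not Google's code or part of this guide: it checks a set of Organization Policy resources against the four required controls listed above. It assumes the policies have been exported in the v2 Organization Policy resource shape (name plus spec.rules, as `gcloud org-policies describe` returns them); the sample policies and project name are constructed for illustration.

```python
# Required controls on this page: constraint name -> (control ID, constraint type)
REQUIRED = {
    "compute.skipDefaultNetworkCreation": ("VPC-CO-6.1", "boolean"),
    "compute.vmExternalIpAccess": ("VPC-CO-6.2", "list"),
    "compute.vmCanIpForward": ("VPC-CO-6.3", "list"),
    "compute.disableNestedVirtualization": ("VPC-CO-6.6", "boolean"),
}

def unconditional_rules(policy):
    """Rules without a CEL condition, i.e. the ones that apply to every resource."""
    return [r for r in policy.get("spec", {}).get("rules", []) if "condition" not in r]

def boolean_enforced(policy):
    """A boolean constraint is satisfied only by an unconditional rule with enforce: true."""
    return any(r.get("enforce") is True for r in unconditional_rules(policy))

def list_restricted(policy):
    """A list constraint is satisfied when every unconditional rule is denyAll or an
    explicit allowlist. allowAll, a deniedValues-only rule (everything else stays
    allowed) or no rule at all leaves the constraint open."""
    rules = unconditional_rules(policy)
    return bool(rules) and all(
        not r.get("allowAll") and (r.get("denyAll") or r.get("values", {}).get("allowedValues"))
        for r in rules)

def audit(policies):
    """Map each required constraint to True (compliant) or False (missing or open)."""
    by_name = {p["name"].rsplit("/", 1)[-1]: p for p in policies}  # last segment = constraint
    checks = {"boolean": boolean_enforced, "list": list_restricted}
    return {c: c in by_name and checks[kind](by_name[c])
            for c, (_, kind) in REQUIRED.items()}

def failing_controls(policies):
    """Control IDs from the tables above that the given policies do not satisfy."""
    status = audit(policies)
    return [REQUIRED[c][0] for c in REQUIRED if not status[c]]

# Constructed sample in the shape of v2 Organization Policy resources (not real output).
# compute.disableNestedVirtualization has no policy at all, which counts as not enforced.
SAMPLE_POLICIES = [
    {"name": "projects/example-proj/policies/compute.skipDefaultNetworkCreation",
     "spec": {"rules": [{"enforce": True}]}},
    {"name": "projects/example-proj/policies/compute.vmExternalIpAccess",
     "spec": {"rules": [{"values": {"allowedValues": [
         "projects/example-proj/zones/us-central1-a/instances/bastion-1"]}}]}},
    {"name": "projects/example-proj/policies/compute.vmCanIpForward",
     "spec": {"rules": [{"allowAll": True}]}},  # fails VPC-CO-6.3: any VM may forward
]
```

Running `failing_controls(SAMPLE_POLICIES)` on the sample reports VPC-CO-6.3 and VPC-CO-6.6; a conditional rule is deliberately not counted, since it does not apply to every resource.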