VPC Service Controls with Vertex AI

VPC Service Controls can help you mitigate the risk of data exfiltration from Vertex AI. Use VPC Service Controls to create a service perimeter that protects the resources and data that you specify. For example, when you use VPC Service Controls to protect Vertex AI, the following artifacts cannot leave your service perimeter:

  • Training data for an AutoML model or custom model
  • Models that you created
  • Requests for online predictions
  • Results from a batch prediction request

Service perimeter creation

When you create a service perimeter, include Vertex AI (aiplatform.googleapis.com) as a protected service. You aren't required to include any additional services for Vertex AI to function. However, Vertex AI won't be able to reach resources outside the perimeter, such as files in a Cloud Storage bucket that is outside the perimeter.

For more information about creating a service perimeter, see Creating a service perimeter in the VPC Service Controls documentation.

Limitations

The following limitations apply when you use VPC Service Controls:

  • Preview features are under VPC Service Controls Preview launch stage.
  • For data labeling, you must add labelers' IP addresses to an access level.
  • For Google Cloud Pipeline Components, the components launch containers that check their base image for all requirements. If requirements are missing, download the requirement from the Python Package Index (PyPI). The KFP package, as well as any packages listed in the packages_to_install argument are the requirements for a container. If a requirement is specified that is not present in the base image (either provided or custom) the component will fail if it isn't able to download the requirements.