Mantieni tutto organizzato con le raccolte
Salva e classifica i contenuti in base alle tue preferenze.
Utilizzo di una Shielded VM con blocchi note gestiti dall'utente
In questo modo, puoi avere la certezza che le tue istanze non siano state compromesse da malware o rootkit a livello di avvio o di kernel, poiché la VM schermata offre un'integrità verificabile delle istanze VM di Compute Engine.
L'integrità verificabile della VM schermata è ottenuta mediante l'utilizzo dell'avvio protetto, dell'avvio con misurazioni abilitato Virtual Trusted Platform Module (vTPM) e del monitoraggio dell'integrità.
Per ulteriori informazioni, consulta VM schermate.
Requisiti e limitazioni
Per utilizzare la VM protetta con i notebook gestiti dall'utente,
devi creare
un'immagine VM per il deep learning con un sistema operativo Debian 10 della versione M51 o successiva.
Quando utilizzi Vertex AI Workbench, non puoi utilizzare
istanze di notebook gestiti dall'utente con VM isolate
che utilizzano acceleratori GPU.
Creare un'istanza di notebook gestiti dall'utente utilizzando una VM protetta
Per creare una VM protetta che puoi utilizzare con i blocchi note gestiti dall'utente, completa i seguenti passaggi:
Seleziona la famiglia di immagini su cui vuoi basare l'istanza. Utilizza il seguente comando Google Cloud CLI per elencare le famiglie di immagini disponibili compatibili con i blocchi note gestiti dall'utente e le VM Shielded. Puoi eseguire il comando in
Cloud Shell
o in qualsiasi ambiente in cui è installato Google Cloud CLI.
[[["Facile da capire","easyToUnderstand","thumb-up"],["Il problema è stato risolto","solvedMyProblem","thumb-up"],["Altra","otherUp","thumb-up"]],[["Difficile da capire","hardToUnderstand","thumb-down"],["Informazioni o codice di esempio errati","incorrectInformationOrSampleCode","thumb-down"],["Mancano le informazioni o gli esempi di cui ho bisogno","missingTheInformationSamplesINeed","thumb-down"],["Problema di traduzione","translationIssue","thumb-down"],["Altra","otherDown","thumb-down"]],["Ultimo aggiornamento 2025-09-04 UTC."],[],[],null,["# Use a shielded virtual machine with Vertex AI Workbench user-managed notebooks\n\nUse a shielded virtual machine with user-managed notebooks\n==========================================================\n\n\n| Vertex AI Workbench user-managed notebooks is\n| [deprecated](/vertex-ai/docs/deprecations). On\n| April 14, 2025, support for\n| user-managed notebooks will end and the ability to create user-managed notebooks instances\n| will be removed. Existing instances will continue to function\n| but patches, updates, and upgrades won't be available. To continue using\n| Vertex AI Workbench, we recommend that you\n| [migrate\n| your user-managed notebooks instances to Vertex AI Workbench instances](/vertex-ai/docs/workbench/user-managed/migrate-to-instances).\n\n\u003cbr /\u003e\n\nSo you can be confident that your instances have not been compromised by\nboot- or kernel-level malware or rootkits,\nShielded VM offers verifiable integrity of Compute Engine VM\ninstances.\nShielded VM's verifiable integrity is achieved through the\nuse of [Secure Boot](/compute/shielded-vm/docs/shielded-vm#secure-boot),\n[virtual trusted platform module\n(vTPM)](/compute/shielded-vm/docs/shielded-vm#vtpm)-enabled [Measured\nBoot](/compute/shielded-vm/docs/shielded-vm#measured-boot), and [integrity\nmonitoring](/compute/shielded-vm/docs/shielded-vm#integrity-monitoring).\n\nFor more information, see\n[Shielded VM](/security/shielded-cloud/shielded-vm).\n\nRequirements and limitations\n----------------------------\n\nTo use Shielded VM with user-managed notebooks,\nyou must create\na Deep Learning VM Images with a Debian 10 OS that\nis [version\nM51](/deep-learning-vm/docs/release-notes#July_13_2020)\nor higher.\n\nWhile using Vertex AI Workbench, you can't use\nshielded VM user-managed notebooks instances\nthat use GPU accelerators.\n\nCreate a user-managed notebooks instance using a shielded VM\n------------------------------------------------------------\n\nTo create a shielded VM that you can use with\nuser-managed notebooks, complete the following steps:\n\n1. [Select the image family](/vertex-ai/docs/workbench/user-managed/images) that you want your instance to be based\n on. Use the following [Google Cloud CLI](/sdk/gcloud) command to\n list the available image families that are compatible\n with user-managed notebooks\n and Shielded VM. You can run the command in\n [Cloud Shell](https://console.cloud.google.com?cloudshell=true)\n or any environment where the [Google Cloud CLI](/sdk/docs)\n is installed.\n\n ```bash\n gcloud compute images list \\\n --project deeplearning-platform-release \\\n --no-standard-images | grep debian-10\n ```\n2. Use the following command to create the Compute Engine instance.\n\n ```bash\n gcloud compute instances create nb-legacy2 \\\n --image-project=deeplearning-platform-release \\\n --image-family=MY_IMAGE_FAMILY \\\n --metadata=\"proxy-mode=service_account\" \\\n --scopes=https://www.googleapis.com/auth/cloud-platform \\\n --shielded-secure-boot \\\n --zone=MY_ZONE\n ```\n\n Replace the following:\n - \u003cvar translate=\"no\"\u003eMY_IMAGE_FAMILY\u003c/var\u003e: the image family name that you want to use to create your VM\n - \u003cvar translate=\"no\"\u003eMY_ZONE\u003c/var\u003e: the zone where you want your instance to be located\n3. [Register your Compute Engine VM with the\n Notebooks API](/vertex-ai/docs/workbench/user-managed/registering-legacy-notebooks#register).\n\nWhat's next\n-----------\n\n- Learn more about [user-managed notebooks image\n families](/vertex-ai/docs/workbench/user-managed/images).\n\n- Learn more about [modifying Shielded VM\n options](/compute/shielded-vm/docs/modifying-shielded-vm)."]]