Model Garden's organization policy lets you centrally control the models your users can access and the actions they can take. By default, anyone with permissions to use Vertex AI can use Model Garden to discover, customize, and deploy a wide variety of Google and third-party models.
Setting a Model Garden policy might be useful, for example, if you have a set of approved Google and third-party models that can be used in production environments. You can define a policy at the organization, folder, or project level so that your users can only access the approved models. A policy applies to all principals. An organization policy is not a per-user policy. For more information, see Introduction to the Organization Policy Service.
Policy evaluations
At evaluation time, all policies that contribute to a particular resource are reviewed, and only the applicable policies are merged and then evaluated. Any explicit deny value takes precedence over any explicit allow value.
For example, imagine you have a folder policy that denies a specific model and a project policy that allows that same model. Assuming that the policies are merged, access to the model is denied at the project level because the explicit deny policy at the folder level takes precedence. However, if you set the project policy to override all parent policies, then access to the model is allowed at the project level.
For more information, see Understanding hierarchy evaluation in the Resource Manager documentation.
Considerations
- The Model Garden organization policy only applies to models in Model Garden. For example, this policy doesn't apply to models that are registered in Vertex AI Model Registry.
- An organization policy can't exceed 500 allowed and denied values.
- For a custom policy, you must specify each model individually. You cannot allow or deny a group of models. For example, you can't deny all third-party models or allow the predict action for only Google models.
- For Gemini models, you can allow or deny specific model versions,
such as
gemini-1.5-pro-002
. Other Google models don't support this level of granularity. For example, atext-bison
policy applies to all versions of thetext-bison
model.
Policy details
When you set a policy, you define one of the following actions:
- Allow all models.
- Deny all models.
- Set a custom policy rule to allow or deny a specific list of models.
By default, if no policy is set or inherited, all models and actions are allowed.
For a custom deny policy, you explicitly deny a list of models and implicitly allow all other models. Similarly, for a custom allow policy, you explicitly allow a list of models and implicitly deny all other models.
To specify models in a custom policy and, optionally, to also specify a particular model action, use the following format:
publishers/PUBLISHER/models/MODEL_NAME:ACTION
Replace the following:
PUBLISHER
: the name of the publisher who owns the model that your policy applies to.MODE_NAME
: the name of the model to allow or deny.ACTION
: a model action to include with your policy.
For example, to define a policy rule on predictions against the
gemini-1.5-pro-002
model, specify
publishers/google/models/gemini-1.5-pro-002:predict
.
The fully qualified ID
(publishers/PUBLISHER/models/MODEL_NAME
) is
also known as the model ID. To find the model ID for a model, go to its model
card in Model Garden. For links to model cards, see the list of models
in Explore AI models in Model Garden.
Model actions
For each model, you can allow or deny the following actions:
predict
: Specifies whether users can make online and batch predictions against a model with a managed API (model as a service).deploy
: For models without a managed API, specifies whether users can deploy models on Google Cloud. For example, this action applies to one-click deployments in the Google Cloud console.tune
: Specifies whether users can tune models.
Set a policy
You can set a policy for Model Garden by using the Google Cloud console or
the Google Cloud CLI. The name of the constraint is
vertexai.allowedModels
. For more information about setting policies, see the
the following topics in the Resource Manager documentation:
- For Google Cloud console instructions, see Creating and managing organization policies.
- For gcloud CLI instructions, see Using constraints.
Example policies
The following example policies are in the YAML format, which you use when setting a policy through the gcloud CLI.
Deny a set of models and allow all other models
The following example denies actions on a specific set of models.
name: organizations/ORGANIZATION_ID/policies/vertexai.allowedModels spec: rules: values: deniedValues: - publishers/google/models/gemini-1.5-pro-002:predict - publishers/meta/models/llama3:deploy - publishers/google/models/gemini-pro:tune - publishers/hf-google/models/gemma-2b:deploy
Replace ORGANIZATION_ID with the ID of your Google Cloud organization. For more information, see Getting an organization resource.
Allow a set of models and deny all other models
The following example allows actions on a specific set of models.
name: organizations/ORGANIZATION_ID/policies/vertexai.allowedModels spec: rules: values: allowedValues: - publishers/google/models/gemini-1.5-pro-002:predict - publishers/meta/models/llama3:deploy - publishers/google/models/gemini-pro:tune - publishers/hf-google/models/gemma-2b
Allow particular versions of a Gemini model
You can specify particular visions of Gemini models. For example, you can set a policy for the following cases:
- All Gemini Pro models
- All versions of the Gemini 1.5 Pro model
- A specific version of the Gemini 1.5 Pro model
For all other models, you can't specify particular versions.
name: organizations/ORGANIZATION_ID/policies/vertexai.allowedModels spec: rules: values: allowedValues: - publishers/google/models/gemini-pro:predict - publishers/google/models/gemini-1.5-pro:predict - publishers/google/models/gemini-1.5-pro-002:predict
What's next
Learn about Model Garden and its offerings.