Logo of Trend Micro
Use the Conformity Knowledge Base AI to help improve your Cloud Posture

Enable Integrity Monitoring for Workbench Instances

Trend Cloud One™ – Conformity is a continuous assurance tool that provides peace of mind for your cloud infrastructure, delivering over 1000 automated best practice checks.

Risk Level: Medium (should be achieved)
Rule ID: VertexAI-007

Ensure that the Integrity Monitoring feature is enabled for your Google Cloud Vertex AI notebook instances to automatically check and monitor the runtime boot integrity of your shielded notebook instances using Google Cloud Monitoring. The feature requires Virtual Trusted Platform Module (vTPM).

This rule resolution is part of the Conformity Security & Compliance tool for GCP.

Security

Integrity Monitoring enables monitoring and attestation of the boot integrity for Vertex AI notebook instances. The attestation is performed against the integrity policy baseline. This baseline is initially derived from the implicitly trusted boot image when the instance is created. To protect your application data and ensure that the boot loader on your instances remains untampered, it is strongly recommended to enable Integrity Monitoring for your Vertex AI notebook instances.

Audit

To determine if Integrity Monitoring is enabled for your Vertex AI notebook instances, perform the following operations:

Using GCP Console

01 Sign in to the Google Cloud Management Console.

02 Select the GCP project that you want to examine from the console top navigation bar.

03 Navigate to Vertex AI console available at https://console.cloud.google.com/vertex-ai.

04 In the main navigation panel, under NOTEBOOKS, choose Workbench, and select the INSTANCES tab.

05 Choose View: INSTANCES to list the Vertex AI notebook instances created for the selected GCP project.

06 Click on the name (link) of the notebook instance that you want to examine.

07 Select the SOFTWARE AND SECURITY tab and check the Integrity Monitoring feature status. If the Integrity Monitoring status is set to Disabled, the Integrity Monitoring feature is not enabled for the selected Vertex AI notebook instance.

08 Repeat steps no. 6 and 7 for each Vertex AI notebook instance launched for the selected GCP project.

09 Repeat steps no. 2 – 8 for each project deployed within your Google Cloud account.

Using GCP CLI

01 Run projects list command (Windows/macOS/Linux) with custom query filters to list the ID of each project available in your Google Cloud account: 

gcloud projects list
  --format="table(projectId)"

02 The command output should return the requested GCP project ID(s): 

PROJECT_ID
cc-vertex-project-123123
cc-appdata-project-112233

03 Run workbench instances list command (Windows/macOS/Linux) with the ID of the GCP project that you want to examine as the identifier parameter, to describe the name of each Vertex AI notebook instance created for the selected project: 

gcloud workbench instances list
  --project cc-vertex-project-123123
  --location=us-central1-a
  --format="(NAME)"

04 The command output should return the requested notebook instance names: 

NAME: tm-vertex-ai-notebook-instance
NAME: tm-development-notebook-instance

05 Run workbench instances describe command (Windows/macOS/Linux) with the name of the Vertex AI notebook instance that you want to examine as the identifier parameter and custom output filters to describe the Integrity Monitoring feature status for the selected instance: 

gcloud workbench instances describe tm-vertex-ai-notebook-instance
  --location=us-central1-a
  --format="yaml(gceSetup.shieldedInstanceConfig.enableIntegrityMonitoring)"

06 The command output should return the feature configuration status: 

gceSetup:
	shieldedInstanceConfig: {}

If the workbench instances describe command output returns null, Integrity Monitoring is not enabled for the selected instance. If the command output returns an empty object (i.e. {}) or an object without enableIntegrityMonitoring: true for the gceSetup.shieldedInstanceConfig configuration attribute, as shown in the output example above, the Integrity Monitoring feature is not enabled for the selected Vertex AI notebook instance.

07 Repeat steps no. 5 and 6 for each Vertex AI notebook instance provisioned for the selected GCP project.

08 Repeat steps no. 3 – 7 for each GCP project deployed in your Google Cloud account.

Remediation / Resolution

To enable the Integrity Monitoring feature for your Google Cloud Vertex AI notebook instances, perform the following operations:

Enabling Integrity Monitoring for Vertex AI notebook instances using Google Cloud Platform (GCP) console is not currently supported.

Using GCP CLI

01 Vertex AI notebook instances must be stopped before updating the shielded_instance_config configuration parameters. To stop your notebook instance, run workbench instances stop command (Windows/macOS/Linux) with the name of the instance that you want to stop as the identifier parameter: 

gcloud workbench instances stop tm-vertex-ai-notebook-instance
  --location=us-central1-a
  --format="yaml(state)"

02 The command output should return the new operational status for the selected notebook instance: 

Waiting for operation on Instance [tm-vertex-ai-notebook-instance] to be updated with [projects/cc-vertex-project-123123/locations/us-central1-a/operations/operation-abcd1234abcd-abcd1234abcd-abcd1234-abcd1234]...done.
Updated workbench instance tm-vertex-ai-notebook-instance [https://notebooks.googleapis.com/v2/projects/cc-vertex-project-123123/locations/us-central1-a/operations/operation-abcd1234abcd-abcd1234abcd-abcd1234-abcd1234].

state: STOPPED

03 Integrity Monitoring requires Virtual Trusted Platform Module (vTPM). To enable vTPM for your notebook instance, follow the steps outlined on this page. Once vTPM is enabled, run workbench instances update command (Windows/macOS/Linux) with the name of the Vertex AI notebook instance that you want to update as the identifier parameter, to enable Integrity Monitoring for the selected notebook instance: 

gcloud workbench instances update tm-vertex-ai-notebook-instance
  --location=us-central1-a
  --shielded-integrity-monitoring true
  --format="yaml(gceSetup.shieldedInstanceConfig.enableIntegrityMonitoring)"

04 The command output should return the current status of the Integrity Monitoring feature: 

Waiting for operation on Instance [tm-vertex-ai-notebook-instance] to be updated with [projects/cc-vertex-project-123123/locations/us-central1-a/operations/operation-abcd1234abcd-abcd1234abcd-abcd1234-abcd1234]...done.
Updated workbench instance tm-vertex-ai-notebook-instance [https://notebooks.googleapis.com/v2/projects/cc-vertex-project-123123/locations/us-central1-a/operations/operation-abcd1234abcd-abcd1234abcd-abcd1234-abcd1234].

gceSetup:
	shieldedInstanceConfig:
	enableIntegrityMonitoring: true

05 To restart your Vertex AI notebook instance, run workbench instances start command (Windows/macOS/Linux) with the name of the instance that you want to start as the identifier parameter: 

gcloud workbench instances start tm-vertex-ai-notebook-instance
  --location=us-central1-a
  --format="yaml(state)"

06 The command output should return the new status of the selected notebook instance: 

Waiting for operation on Instance [tm-vertex-ai-notebook-instance] to be updated with [projects/cc-vertex-project-123123/locations/us-central1-a/operations/operation-abcd1234abcd-abcd1234abcd-abcd1234-abcd1234]...done.
Updated workbench instance tm-vertex-ai-notebook-instance [https://notebooks.googleapis.com/v2/projects/cc-vertex-project-123123/locations/us-central1-a/operations/operation-abcd1234abcd-abcd1234abcd-abcd1234-abcd1234].

state: PROVISIONING

07 Repeat step no. 1 – 6 for each Vertex AI notebook instance that you want to update, created for the selected GCP project.

08 Repeat steps no. 1 – 7 for each GCP project deployed in your Google Cloud account.

References

Publication date Jul 8, 2024

Related VertexAI rules