Security is not Optional

The exam will filter out people who deploy open endpoints. You must know how to lock down Vertex AI.

---

1. Network Constraints

VPC Service Controls (VPC-SC)

• Concept: An invisible perimeter around your Google Cloud project.
• Function: Prevents data from being copied to a bucket outside the perimeter (Exfiltration protection).
• Exam Scenario: "Ensure training data cannot be downloaded to a personal Gmail account." -> VPC-SC.

Private Service Connect / Peering

• Scenario: Your training data is in an on-premise database connected via VPN.
• Action: Use Vertex AI Private Endpoints. This ensures traffic stays on the Google intranet and never touches the public internet.

---

2. Encryption

• Default: Google encrypts everything at rest.
• CMEK (Customer Managed Encryption Keys):
  • Scenario: "The customer requires full control over the encryption keys, including the ability to revoke access immediately."
  • Action: Use Cloud KMS with CMEK to encrypt Vertex AI Datasets and Models.

---

3. IAM (Identity and Access Management)

Never use the "Default Compute Engine Service Account" (it has Editor permissions!). Principle of Least Privilege:

• Training Job SA: Needs Storage Object Viewer (Read data) and AiPlatform Admin (Write model).
• Pipeline SA: Needs permission to trigger the next step.

---

4. Federated Learning (Privacy)

Scenario: You want to train a keyboard prediction model on user phones, but you cannot upload their keystrokes to the cloud. Solution: TensorFlow Federated.

1. Send model to phone.
2. Train locally on phone.
3. Send weight updates (not data) back to cloud.
4. Average the weights.

---

5. Summary

• VPC-SC: Exfiltration defense.
• Private Endpoints: Network isolation.
• CMEK: Key sovereignty.
• Federated Learning: Data privacy for edge devices.

In the next lesson, we review the exam strategy.

---

Knowledge Check