Predefined posture for secure AI, essentials

This page describes the preventative and detective policies that are included in the v1.0.0 version of the predefined posture for secure AI, essentials. This posture includes two policy sets:

  • A policy set that includes organization policies that apply to Gemini Enterprise Agent Platform workloads.

  • A policy set that includes custom Security Health Analytics detectors that apply to Gemini Enterprise Agent Platform workloads.

You can use this posture to configure a security posture that helps protect Gemini and Gemini Enterprise Agent Platform resources. You can deploy this predefined posture without making any changes.

Policy: ainotebooks.disableFileDownloads

Description: This constraint prevents the creation of Agent Platform Workbench instances with the file download option enabled. By default, the file download option can be enabled on any Agent Platform Workbench instance.

The value is true to turn off file downloads on new Agent Platform Workbench instances.

Compliance standards: NIST SP 800-53 control: AC-3(1)

Policy: ainotebooks.disableRootAccess

Description: This constraint prevents newly created Agent Platform Workbench user-managed notebooks and instances from enabling root access. By default, Agent Platform Workbench user-managed notebooks and instances can have root access enabled.

The value is true to disable root access on new Agent Platform Workbench user-managed notebooks and instances.

Compliance standards: NIST SP 800-53 control: AC-3 and AC-6(2)

Policy: ainotebooks.disableTerminal

Description: This constraint prevents the creation of Agent Platform Workbench instances with the terminal enabled. By default, the terminal can be enabled on Agent Platform Workbench instances.

The value is true to disable the terminal on new Agent Platform Workbench instances.

Compliance standards: NIST SP 800-53 control: AC-3, AC-6, and CM-2

Policy: ainotebooks.requireAutoUpgradeSchedule

Description: This constraint requires that newly created Agent Platform Workbench user-managed notebooks and instances have an automatic upgrade schedule set.

The value is true to require automatic scheduled upgrades on new Agent Platform Workbench user-managed notebooks and instances.

Compliance standards: NIST SP 800-53 control: AU-9, CM-2, and CM-6

Policy: ainotebooks.restrictPublicIp

Description: This constraint restricts public IP access to newly created Agent Platform Workbench notebooks and instances. By default, public IP addresses can access Agent Platform Workbench notebooks and instances.

The value is true to restrict public IP access on new Agent Platform Workbench notebooks and instances.

Compliance standards: NIST SP 800-53 control: AC-3, AC-4, and SC-7

Security Health Analytics detectors

The following table describes the custom modules for Security Health Analytics that are included in the predefined posture.

Detector name: vertexAIDataSetCMEKDisabled
Applicable resource: aiplatform.googleapis.com/Dataset

Description: This detector checks whether any dataset isn't encrypted using a customer-managed encryption key (CMEK).

To resolve this finding, verify that you created the key and key ring, set up permissions, and provided the key when you created your dataset. For instructions, see Configure CMEK for your resources.

Compliance standards: NIST SP 800-53 control: SC-12 and SC-13

Detector name: vertexAIModelCMEKDisabled
Applicable resource: aiplatform.googleapis.com/Model

Description: This detector checks whether a model isn't encrypted using a CMEK.

To resolve this finding, verify that you created the key and key ring, set up permissions, and provided the key when you created your model. For instructions, see Configure CMEK for your resources.

Compliance standards: NIST SP 800-53 control: SC-12 and SC-13

Detector name: vertexAIEndpointCMEKDisabled
Applicable resource: aiplatform.googleapis.com/Endpoint

Description: This detector checks whether an endpoint isn't encrypted using a CMEK.

To resolve this finding, verify that you created the key and key ring, set up permissions, and provided the key when you created your endpoint. For instructions, see Configure CMEK for your resources.

Compliance standards: NIST SP 800-53 control: SC-12 and SC-13

Detector name: vertexAITrainingPipelineCMEKDisabled
Applicable resource: aiplatform.googleapis.com/TrainingPipeline

Description: This detector checks whether a training pipeline isn't encrypted using a CMEK.

To resolve this finding, verify that you created the key and key ring, set up permissions, and provided the key when you created your training pipeline. For instructions, see Configure CMEK for your resources.

Compliance standards: NIST SP 800-53 control: SC-12 and SC-13

Detector name: vertexAICustomJobCMEKDisabled
Applicable resource: aiplatform.googleapis.com/CustomJob

Description: This detector checks whether a job that runs a custom workload isn't encrypted using a CMEK.

To resolve this finding, verify that you created the key and key ring, set up permissions, and provided the key when you created your custom job. For instructions, see Configure CMEK for your resources.

Compliance standards: NIST SP 800-53 control: SC-12 and SC-13

Detector name: vertexAIDataLabelingJobHyperparameterTuningJobCMEKDisabled
Applicable resource: aiplatform.googleapis.com/HyperparameterTuningJob

Description: This detector checks whether a hyperparameter tuning job isn't encrypted using a CMEK.

To resolve this finding, verify that you created the key and key ring, set up permissions, and provided the key when you created your hyperparameter tuning job. For instructions, see Configure CMEK for your resources.

Compliance standards: NIST SP 800-53 control: SC-12 and SC-13
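
The check these detectors describe, as an added example that is not part of the original page and is not Google's detector code: it flags in-scope Vertex AI resources whose encryptionSpec.kmsKeyName is missing or malformed. The asset records are constructed samples in the Cloud Asset Inventory export shape (an assumption), and treating a malformed key name as a finding is this example's own choice.

```python
import re

# Detector name per resource type, from the table above.
DETECTORS = {
    "aiplatform.googleapis.com/Dataset": "vertexAIDataSetCMEKDisabled",
    "aiplatform.googleapis.com/Model": "vertexAIModelCMEKDisabled",
    "aiplatform.googleapis.com/Endpoint": "vertexAIEndpointCMEKDisabled",
    "aiplatform.googleapis.com/TrainingPipeline": "vertexAITrainingPipelineCMEKDisabled",
    "aiplatform.googleapis.com/CustomJob": "vertexAICustomJobCMEKDisabled",
    "aiplatform.googleapis.com/HyperparameterTuningJob":
        "vertexAIDataLabelingJobHyperparameterTuningJobCMEKDisabled",
}
# Full Cloud KMS key resource name.
KMS_KEY = re.compile(r"projects/[^/]+/locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+")

def cmek_findings(assets):
    """Return one finding per in-scope resource that has no usable CMEK reference."""
    findings = []
    for asset in assets:
        detector = DETECTORS.get(asset.get("assetType"))
        if detector is None:
            continue  # resource type not covered by this posture
        data = asset.get("resource", {}).get("data", {})
        key = (data.get("encryptionSpec") or {}).get("kmsKeyName") or ""
        if not KMS_KEY.fullmatch(key):
            findings.append({"detector": detector, "resource": asset.get("name"),
                             "kmsKeyName": key or None})
    return findings

# Constructed sample records (hypothetical project, IDs and key).
_P = "//aiplatform.googleapis.com/projects/example-project/locations/us-central1"
_KEY = "projects/example-project/locations/us-central1/keyRings/ai-ring/cryptoKeys/ai-key"
SAMPLE_ASSETS = [
    {"name": _P + "/datasets/1", "assetType": "aiplatform.googleapis.com/Dataset",
     "resource": {"data": {"encryptionSpec": {"kmsKeyName": _KEY}}}},
    {"name": _P + "/models/2", "assetType": "aiplatform.googleapis.com/Model",
     "resource": {"data": {"displayName": "no-cmek"}}},
    {"name": _P + "/endpoints/3", "assetType": "aiplatform.googleapis.com/Endpoint",
     "resource": {"data": {"encryptionSpec": {"kmsKeyName": ""}}}},
    {"name": "//storage.googleapis.com/example-bucket",
     "assetType": "storage.googleapis.com/Bucket", "resource": {"data": {}}},
]

if __name__ == "__main__":
    for finding in cmek_findings(SAMPLE_ASSETS):
        print(finding["detector"], finding["resource"])
```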

View the posture template

To view the posture template for secure AI, essentials, do the following:

gcloud

Before using any of the command data below, make the following replacements:

  • ORGANIZATION_ID: the numeric ID of the organization.

Execute the gcloud scc posture-templates describe command:

Linux, macOS, or Cloud Shell

gcloud scc posture-templates describe \
    organizations/ORGANIZATION_ID/locations/global/postureTemplates/secure_ai_essential

Windows (PowerShell)

gcloud scc posture-templates describe `
    organizations/ORGANIZATION_ID/locations/global/postureTemplates/secure_ai_essential

Windows (cmd.exe)

gcloud scc posture-templates describe ^
    organizations/ORGANIZATION_ID/locations/global/postureTemplates/secure_ai_essential

The response contains the posture template.

REST

Before using any of the request data, make the following replacements:

  • ORGANIZATION_ID: the numeric ID of the organization.

HTTP method and URL:

GET https://securityposture.googleapis.com/v1/organizations/ORGANIZATION_ID/locations/global/postureTemplates/secure_ai_essential

The response contains the posture template.
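
One way to check a retrieved template, or a posture file derived from it, against the two policy sets listed on this page (an added example, not code from the original page or from Google). It assumes the document was saved as JSON, for example with gcloud's --format=json option, and that it uses the Security Posture API field names policySets, orgPolicyConstraint, cannedConstraintId, policyRules, securityHealthAnalyticsCustomModule, displayName and moduleEnablementState; the sample input is constructed.

```python
import json

# Policy and detector names listed in the tables on this page.
EXPECTED_CONSTRAINTS = {
    "ainotebooks.disableFileDownloads", "ainotebooks.disableRootAccess",
    "ainotebooks.disableTerminal", "ainotebooks.requireAutoUpgradeSchedule",
    "ainotebooks.restrictPublicIp",
}
EXPECTED_DETECTORS = {
    "vertexAIDataSetCMEKDisabled", "vertexAIModelCMEKDisabled",
    "vertexAIEndpointCMEKDisabled", "vertexAITrainingPipelineCMEKDisabled",
    "vertexAICustomJobCMEKDisabled",
    "vertexAIDataLabelingJobHyperparameterTuningJobCMEKDisabled",
}

def audit_posture(doc: dict) -> dict:
    """Report expected policies that are absent or not active in a posture document."""
    enforced, enabled = set(), set()
    for policy_set in doc.get("policySets", []):
        for policy in policy_set.get("policies", []):
            constraint = policy.get("constraint", {})
            org = constraint.get("orgPolicyConstraint")
            sha = constraint.get("securityHealthAnalyticsCustomModule")
            if org:
                rules = org.get("policyRules", [])
                # Counts only when every rule enforces the boolean constraint.
                if rules and all(r.get("enforce") is True for r in rules):
                    enforced.add(org.get("cannedConstraintId"))
            elif sha and sha.get("moduleEnablementState") == "ENABLED":
                enabled.add(sha.get("displayName"))
    return {"constraints_not_enforced": sorted(EXPECTED_CONSTRAINTS - enforced),
            "detectors_not_enabled": sorted(EXPECTED_DETECTORS - enabled)}

def constructed_sample() -> dict:
    """Constructed input, not real output: one constraint relaxed, one detector dropped."""
    org = [{"policyId": c, "constraint": {"orgPolicyConstraint": {
                "cannedConstraintId": c,
                "policyRules": [{"enforce": c != "ainotebooks.disableTerminal"}]}}}
           for c in sorted(EXPECTED_CONSTRAINTS)]
    sha = [{"policyId": d, "constraint": {"securityHealthAnalyticsCustomModule": {
                "displayName": d, "moduleEnablementState": "ENABLED"}}}
           for d in sorted(EXPECTED_DETECTORS - {"vertexAIModelCMEKDisabled"})]
    return {"policySets": [{"policySetId": "org-policies", "policies": org},
                           {"policySetId": "sha-modules", "policies": sha}]}

if __name__ == "__main__":
    print(json.dumps(audit_posture(constructed_sample()), indent=2))
```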
