Customer-managed encryption keys (CMEK)

By default, Vertex AI Workbench encrypts customer content at rest. Vertex AI Workbench handles encryption for you without any additional actions on your part. This option is called Google default encryption.

If you want to control your encryption keys, then you can use customer-managed encryption keys (CMEKs) in Cloud KMS with CMEK-integrated services including Vertex AI Workbench. Using Cloud KMS keys gives you control over their protection level, location, rotation schedule, usage and access permissions, and cryptographic boundaries. Using Cloud KMS also lets you track key usage, view audit logs, and control key lifecycles. Instead of Google owning and managing the symmetric key encryption keys (KEKs) that protect your data, you control and manage these keys in Cloud KMS.

After you set up your resources with CMEKs, the experience of accessing your Vertex AI Workbench resources is similar to using Google default encryption. For more information about your encryption options, see Customer-managed encryption keys (CMEK).

This page describes some specific benefits and limitations of using CMEK with Vertex AI Workbench and shows how to configure a new Vertex AI Workbench instance to use CMEK.

For more information about how to use CMEK for Vertex AI, see the Vertex AI CMEK page.

Benefits of CMEK

In general, CMEK is most useful if you need full control over the keys used to encrypt your data. With CMEK, you can manage your keys within Cloud Key Management Service. For example, you can rotate or disable a key, or you can set up a rotation schedule by using the Cloud KMS API.

When you run a Vertex AI Workbench instance, your instance runs on a virtual machine (VM) managed by Vertex AI Workbench. When you enable CMEK for a Vertex AI Workbench instance, Vertex AI Workbench uses the key that you designate, rather than a key managed by Google, to encrypt data on the boot disks of the VM.

The CMEK key doesn't encrypt metadata, like the instance's name and region, associated with your Vertex AI Workbench instance. Metadata associated with Vertex AI Workbench instances is always encrypted using Google's default encryption mechanism.

Limitations of CMEK

To decrease latency and to prevent cases where resources depend on services that are spread across multiple failure domains, Google recommends that you protect regional Vertex AI Workbench instances with keys in the same location.

  • You can encrypt regional Vertex AI Workbench instances by using keys in the same location or in the global location. For example, you can encrypt data in a disk in zone us-west1-a by using a key in us-west1 or global.
  • You can encrypt global instances by using keys in any location.
  • Configuring CMEK for Vertex AI Workbench doesn't automatically configure CMEK for other Google Cloud products that you use. To use CMEK to encrypt data in other Google Cloud products, you must complete additional configuration.

Configure CMEK for your Vertex AI Workbench instance

The following sections describe how to create a key ring and key in Cloud Key Management Service, grant the Vertex AI Workbench service agent and the Compute Engine service agent encrypter and decrypter permissions for your key, and create a Vertex AI Workbench instance that uses CMEK.

Before you begin

We recommend using a setup that supports a separation of duties. To configure CMEK for Vertex AI Workbench, you can use two separate Google Cloud projects:

  • A Cloud KMS project: a project for managing your encryption key
  • A Vertex AI Workbench project: a project for accessing Vertex AI Workbench instances and interacting with any other Google Cloud products that you need for your use case

Alternatively, you can use a single Google Cloud project. To do so, use the same project for all of the following tasks.

Set up the Cloud KMS project

  1. Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.
  2. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Roles required to select or create a project

    • Select a project: Selecting a project doesn't require a specific IAM role. You can select any project that you've been granted a role on.
    • Create a project: To create a project, you need the Project Creator role (roles/resourcemanager.projectCreator), which contains the resourcemanager.projects.create permission. Learn how to grant roles.

  3. Verify that billing is enabled for your Google Cloud project.

  4. Enable the Cloud KMS API.

    Roles required to enable APIs

    To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains the serviceusage.services.enable permission. Learn how to grant roles.

Set up the Vertex AI Workbench project

  1. Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.
  2. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Roles required to select or create a project

    • Select a project: Selecting a project doesn't require a specific IAM role. You can select any project that you've been granted a role on.
    • Create a project: To create a project, you need the Project Creator role (roles/resourcemanager.projectCreator), which contains the resourcemanager.projects.create permission. Learn how to grant roles.

  3. Verify that billing is enabled for your Google Cloud project.

  4. Enable the Notebooks API.

    Roles required to enable APIs

    To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains the serviceusage.services.enable permission. Learn how to grant roles.

Set up the Google Cloud CLI

The gcloud CLI is required for some steps on this page and optional for others.

Install the Google Cloud CLI. After installation, initialize the Google Cloud CLI by running the following command:

gcloud init

If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.

Note: You can run the gcloud CLI in the Google Cloud console without installing the Google Cloud CLI. To run the gcloud CLI in the Google Cloud console, use Cloud Shell.

Create a key ring and key

When you create a key ring and key, keep the following requirements in mind:

  • When you choose your key ring's location, use either global or the location where your Vertex AI Workbench instance will be.

  • Make sure to create your key ring and key in your Cloud KMS project.

To create a key ring and a key, see Create symmetric encryption keys.

Grant Vertex AI Workbench permissions

To use CMEK for your Vertex AI Workbench instance, you must grant your Vertex AI Workbench instance permission to encrypt and decrypt data using your key. You grant this permission to two Google-managed service agents of your Vertex AI Workbench project: the Vertex AI Workbench service agent and the Compute Engine service agent. Grant the role on the key itself rather than on the key ring or on the project, so that these agents can use only this key.

To find the specific accounts for your Vertex AI Workbench project, use the Google Cloud console.

  1. In the Google Cloud console, go to the IAM page.

  2. Select Include Google-provided role grants.

  3. Find the members that match the following email address formats. Make note of the email addresses, and use them in the following steps.

    • Your project's Vertex AI Workbench service agent's email address looks like the following:

      service-NOTEBOOKS_PROJECT_NUMBER@gcp-sa-notebooks.iam.gserviceaccount.com
    • The Compute Engine service agent's email address looks like the following:

      service-NOTEBOOKS_PROJECT_NUMBER@compute-system.iam.gserviceaccount.com

    Replace NOTEBOOKS_PROJECT_NUMBER with the project number for your Vertex AI Workbench project.

    To grant these accounts permission to encrypt and decrypt data using your key, you can use the Google Cloud console or the gcloud CLI.

    Console

    1. In the Google Cloud console, go to the Key management page.

    2. Select your Cloud KMS project.

    3. Click the name of the key ring that you created in Create a key ring and key. The Key ring details page opens.

    4. Select the checkbox for the key that you created in Create a key ring and key. If an info panel labeled with the name of your key isn't already open, click Show info panel.

    5. In the info panel, click Add member. The Add members to "KEY_NAME" dialog opens. In this dialog, do the following:

      1. In the New members field, enter your project's Vertex AI Workbench service agent's email address:

        service-NOTEBOOKS_PROJECT_NUMBER@gcp-sa-notebooks.iam.gserviceaccount.com
      2. In the Select a role list, click Cloud KMS and then select the Cloud KMS CryptoKey Encrypter/Decrypter role.

      3. Click Save.

    6. Repeat these steps for the Compute Engine service agent:

      service-NOTEBOOKS_PROJECT_NUMBER@compute-system.iam.gserviceaccount.com

    gcloud

    1. To grant your project's Vertex AI Workbench service agent permission to encrypt and decrypt data using your key, run the following command:

      gcloud kms keys add-iam-policy-binding KEY_NAME \
        --keyring=KEY_RING_NAME \
        --location=REGION \
        --project=KMS_PROJECT_ID \
        --member=serviceAccount:service-NOTEBOOKS_PROJECT_NUMBER@gcp-sa-notebooks.iam.gserviceaccount.com \
        --role=roles/cloudkms.cryptoKeyEncrypterDecrypter

      Replace the following:

      • KEY_NAME: the name of the key that you created in Create a key ring and key
      • KEY_RING_NAME: the key ring that you created in Create a key ring and key
      • REGION: the location where you created your key ring (the region you chose, or global)
      • KMS_PROJECT_ID: the ID of your Cloud KMS project
      • NOTEBOOKS_PROJECT_NUMBER: the project number of your Vertex AI Workbench project, which you noted in the preceding section as part of a service agent email address
    2. To grant the Compute Engine service agent permission to encrypt and decrypt data using your key, run the following command:

      gcloud kms keys add-iam-policy-binding KEY_NAME \
        --keyring=KEY_RING_NAME \
        --location=REGION \
        --project=KMS_PROJECT_ID \
        --member=serviceAccount:service-NOTEBOOKS_PROJECT_NUMBER@compute-system.iam.gserviceaccount.com \
        --role=roles/cloudkms.cryptoKeyEncrypterDecrypter

Create a Vertex AI Workbench instance with CMEK

After you have granted your Vertex AI Workbench instance permission to encrypt and decrypt data using your key, you can create a Vertex AI Workbench instance whose boot disk is encrypted with this key.

To create a Vertex AI Workbench instance with a customer-managed encryption key, you can use the Google Cloud console or the gcloud CLI:

Console

  1. In the Google Cloud console, go to the Instances page.

  2. Click Create new.

  3. In the New instance dialog, click Advanced options.

  4. In the Create instance dialog, in the Details section, provide the following information for your new instance:

    • Name: a name for your new instance
    • Region: the region that your key and key ring are in (if your key ring is in the global location, any region)
    • Zone: a zone within the region that you selected
  5. In the Disks section, in Encryption, select Customer-managed encryption key (CMEK).

  6. Click Select a customer-managed key.

    • If the customer-managed key that you want to use is in the list, select it.
    • If the customer-managed key that you want to use isn't in the list, enter the resource ID for your customer-managed key. The resource ID identifies the key within your Cloud KMS project and looks like the following:

      projects/KMS_PROJECT_ID/locations/REGION/keyRings/KEY_RING_NAME/cryptoKeys/KEY_NAME

      Replace the following:

      • KMS_PROJECT_ID: the ID of your Cloud KMS project, where the key ring and key were created (with the two-project setup, this is not your Vertex AI Workbench project)
      • REGION: the location where you created your key ring; it must be the region where you plan to create your Vertex AI Workbench instance, or global
      • KEY_RING_NAME: the key ring that you created in Create a key ring and key
      • KEY_NAME: the name of the key that you created in Create a key ring and key
  7. Complete the rest of the instance creation dialog, and then click Create.

gcloud

To use the gcloud CLI to create a Vertex AI Workbench instance with a customer-managed encryption key, run the following command. This example assumes that you want to create a Vertex AI Workbench instance with an n1-standard-1 machine type and a 100 GB standard persistent boot disk. Run the command with your Vertex AI Workbench project as the active gcloud project (or pass --project); the --kms-project flag points at your Cloud KMS project. Note that the --location flag of gcloud notebooks instances create takes the zone of the instance, while --kms-location takes the location of the key ring, which must be that zone's region or global.

gcloud notebooks instances create notebook-vm-cmek \
  --location=ZONE \
  --vm-image-family=IMAGE_FAMILY \
  --vm-image-project=cloud-notebooks-managed \
  --machine-type="n1-standard-1" \
  --boot-disk-type="PD_STANDARD" \
  --boot-disk-size=100 \
  --kms-key=KEY_NAME \
  --kms-project=KMS_PROJECT_ID \
  --kms-location=REGION \
  --kms-keyring=KEY_RING_NAME \
  --disk-encryption=CMEK \
  --metadata='proxy-mode=project_editors'

Replace the following:

  • ZONE: the zone where you plan to create your Vertex AI Workbench instance, for example us-west1-a
  • REGION: the location where you created your key ring; it must be the region that contains ZONE, or global
  • IMAGE_FAMILY: the image family that you want to use to create your Vertex AI Workbench instance
  • KEY_NAME: the name of the key that you created in Create a key ring and key
  • KMS_PROJECT_ID: the ID of your Cloud KMS project
  • KEY_RING_NAME: the key ring that you created in Create a key ring and key
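The following script is an added example and is not part of the Vertex AI Workbench documentation. It strings together the whole procedure on this page (key ring and key in the Cloud KMS project, Encrypter/Decrypter bindings for the two service agents, instance creation, and a post-creation check) with the two-project separation of duties recommended above, and it enforces the key-location limitation from the Limitations section before it runs anything. Every project ID, project number, key name, region and image family is a placeholder assumption; the `diskEncryption`/`kmsKey` format expression in the verification step is also this example's assumption. With DRY_RUN=1 (the default) the script only prints the gcloud commands it would run, so it can be reviewed and tested without a Google Cloud project.

```shell
#!/usr/bin/env bash
# Added example, not code from the Vertex AI Workbench docs. End-to-end CMEK
# setup with a separate Cloud KMS project and Workbench project. All IDs,
# names and locations are placeholder assumptions; override them via the
# environment. DRY_RUN=1 (default) prints each gcloud command instead of
# running it.
set -eu
KMS_PROJECT_ID="${KMS_PROJECT_ID:-example-kms-project}"              # assumed
NOTEBOOKS_PROJECT_ID="${NOTEBOOKS_PROJECT_ID:-example-wb-project}"   # assumed
NOTEBOOKS_PROJECT_NUMBER="${NOTEBOOKS_PROJECT_NUMBER:-123456789012}" # assumed
REGION="${REGION:-us-west1}"            # key ring location
ZONE="${ZONE:-${REGION}-a}"             # instance zone, must lie in REGION
KEY_RING_NAME="${KEY_RING_NAME:-workbench-ring}"
KEY_NAME="${KEY_NAME:-workbench-boot-disk-key}"
INSTANCE_NAME="${INSTANCE_NAME:-notebook-vm-cmek}"
IMAGE_FAMILY="${IMAGE_FAMILY:-common-cpu}"                           # assumed
DRY_RUN="${DRY_RUN:-1}"

# Run a command, or print it on one line when DRY_RUN=1.
run() {
  if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Fully qualified key resource name. The project component is the Cloud
# KMS project that owns the key, not the Workbench project that uses it.
key_resource_name() {
  printf 'projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s\n' \
    "$KMS_PROJECT_ID" "$REGION" "$KEY_RING_NAME" "$KEY_NAME"
}

# Location component of a key resource name.
key_location_of() {
  printf '%s\n' "$1" | sed -n 's#^projects/[^/]*/locations/\([^/]*\)/.*#\1#p'
}

# A key may protect an instance only when it is in the instance's region
# or in the global location (the limitation described on this page).
key_location_ok() {
  [ "$1" = "global" ] || [ "$1" = "$2" ]
}

# The two Workbench-project service agents that need Encrypter/Decrypter.
notebooks_service_agent() {
  printf 'service-%s@gcp-sa-notebooks.iam.gserviceaccount.com\n' "$1"
}
compute_service_agent() {
  printf 'service-%s@compute-system.iam.gserviceaccount.com\n' "$1"
}

# Step 1: key ring and symmetric encryption key in the Cloud KMS project.
create_key_ring_and_key() {
  run gcloud kms keyrings create "$KEY_RING_NAME" \
    --location="$REGION" --project="$KMS_PROJECT_ID"
  run gcloud kms keys create "$KEY_NAME" --keyring="$KEY_RING_NAME" \
    --location="$REGION" --project="$KMS_PROJECT_ID" --purpose=encryption
}

# Step 2: bind the role on the key itself, not on the key ring or the
# project, so the agents can use only this key.
grant_service_agents() {
  local member
  for member in "$(notebooks_service_agent "$1")" "$(compute_service_agent "$1")"; do
    run gcloud kms keys add-iam-policy-binding "$KEY_NAME" \
      --keyring="$KEY_RING_NAME" --location="$REGION" --project="$KMS_PROJECT_ID" \
      --member="serviceAccount:$member" \
      --role=roles/cloudkms.cryptoKeyEncrypterDecrypter
  done
}

# Step 3: create the instance in the Workbench project with a CMEK boot
# disk. --location takes the zone; --kms-location takes the key location.
create_instance() {
  run gcloud notebooks instances create "$INSTANCE_NAME" \
    --project="$NOTEBOOKS_PROJECT_ID" --location="$ZONE" \
    --vm-image-project=cloud-notebooks-managed --vm-image-family="$IMAGE_FAMILY" \
    --machine-type=n1-standard-1 --boot-disk-type=PD_STANDARD --boot-disk-size=100 \
    --disk-encryption=CMEK --kms-project="$KMS_PROJECT_ID" --kms-location="$REGION" \
    --kms-keyring="$KEY_RING_NAME" --kms-key="$KEY_NAME"
}

# Step 4: check that the created instance reports CMEK and the expected key
# (field names diskEncryption and kmsKey are this example's assumption).
verify_instance() {
  run gcloud notebooks instances describe "$INSTANCE_NAME" \
    --project="$NOTEBOOKS_PROJECT_ID" --location="$ZONE" \
    --format='value(diskEncryption,kmsKey)'
}

main() {
  if ! key_location_ok "$(key_location_of "$(key_resource_name)")" "${ZONE%-*}"; then
    echo "key location $REGION cannot protect an instance in zone $ZONE" >&2
    return 1
  fi
  create_key_ring_and_key
  grant_service_agents "$NOTEBOOKS_PROJECT_NUMBER"
  create_instance
  verify_instance
}

main
```

Run it once with DRY_RUN=1 and read the printed commands, then rerun with DRY_RUN=0 from an identity that has the Cloud KMS Admin role in the KMS project and Notebooks Admin in the Workbench project; the project number for NOTEBOOKS_PROJECT_NUMBER is the one shown in the IAM page step above. The location check in main catches the most common misconfiguration (a key in one region, an instance zone in another) before any resource is created, and the final describe call is the check a reviewer will ask for: the instance should report CMEK together with the resource name printed by key_resource_name.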


Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-12-17 UTC.