Configure AI Protection

AI Protection helps you secure your AI assets and workflows by monitoring your models, data, and AI-related infrastructure. This guide describes how to configure AI Protection.

Required roles

To get the permissions that you need to configure AI Protection and view dashboard data, ask your administrator to grant you the following IAM roles on your organization:

For more information about granting roles, see Manage access to projects, folders, and organizations.

You might also be able to get the required permissions through custom roles or other predefined roles.

The following Google Cloud CLI commands can be used to assign the preceding roles to a user:

Assign roles using gcloud CLI

  • To grant the Security Center Admin role to a user, run the following command:

    gcloud organizations add-iam-policy-binding ORGANIZATION_ID \
      --member=user:USER_EMAIL_ID \
      --role=roles/securitycenter.admin

  • To grant the Security Center Admin Viewer role to a user, run the following command:

    gcloud organizations add-iam-policy-binding ORGANIZATION_ID \
      --member=user:USER_EMAIL_ID \
      --role=roles/securitycenter.adminViewer

    Replace the following:

    • ORGANIZATION_ID: the numeric organization ID
    • USER_EMAIL_ID: the email address of the user who requires access

Supported regions

For a list of regions where AI Protection is supported, see Regional endpoints.

Access for service accounts

Ensure all of the service accounts that are mentioned in the following sections are not blocked by an organization policy.

Set up AI Protection

Complete the following to enable AI Protection at the organization level:

  1. If you haven't activated Security Command Center in your organization, then Activate Security Command Center Enterprise.
  2. After activating the Enterprise service tier of Security Command Center, set up AI Protection by using the guidance in the SCC Setup Guide:
    1. Expand the Review security capabilities summary panel.
    2. From the AI protection panel, click Set up.
    3. Follow the directions to check whether required and dependent services for AI Protection are configured. See Enable and configure Google Cloud services for more information about what is automatically enabled and what requires additional configuration.
  3. Enable discovery of the resources that you want to protect with AI Protection.

Enable and configure Google Cloud services

After activating Security Command Center Enterprise, enable and configure additional Google Cloud services to use the full capabilities of AI Protection.

The following services are automatically enabled:

  • AI Discovery service
  • Attack Path Simulations
  • Cloud Audit Logs
  • Cloud Monitoring
  • Event Threat Detection
  • Data Security Posture Management
  • Compliance Manager

The following services are required for AI Protection:

Some of these services require additional configuration, as outlined in the following sections.

Configure AI Discovery service

To configure AI Discovery service, grant the Monitoring Viewer (roles/monitoring.viewer) IAM role to the Security Command Center Enterprise organization service account.

  1. In the Google Cloud console, go to the IAM page.

  2. Click Grant Access.

  3. In the New principals field, enter the Security Command Center Enterprise organization service account. The service account uses the format service-org-ORG_ID@security-center-api.gserviceaccount.com. Replace ORG_ID with your organization ID.

  4. In the Select a role field, select Monitoring Viewer.

  5. Click Save.

Configure advanced DSPM cloud controls

Configure DSPM with advanced cloud controls for data access, flow, and protection. For more information, see Deploy advanced data security cloud controls.

When creating a custom framework that applies to AI workloads, add these cloud controls to the framework:

  • Data Access Governance: Restrict access to sensitive data to specific principals, such as users or groups. You specify allowed principals using IAM v2 principal identifier syntax. For example, you can create a policy to allow only members of gdpr-processing-team@example.com to access specific resources.
  • Data Flow Governance: Restrict data flow to specific regions. For example, you can create a policy to allow data to be accessed only from the US or EU. You specify the allowed country codes using Unicode Common Locale Data Repository (CLDR).
  • Data Protection (with CMEK): Identify resources created without customer-managed encryption keys (CMEK) and receive recommendations. For example, you can create a policy to detect resources created without CMEK for storage.googleapis.com and bigquery.googleapis.com. This policy detects unencrypted assets but doesn't prevent them from being created.

Configure Model Armor

  1. Enable the modelarmor.googleapis.com service for each project that uses generative AI activity. For more information, see Get started with Model Armor.
  2. Configure the following settings to define security and safety settings for large language model (LLM) prompts and responses:
    • Model Armor templates: Create a Model Armor template. Templates define the types of risks to detect, such as sensitive data, prompt injection, and jailbreak attempts, and the minimum confidence thresholds for those filters.
    • Filters: Model Armor uses various filters to identify risks, including malicious URL detection, prompt injection and jailbreak detection, and sensitive data protection.
    • Floor settings: Configure the project-level floor settings to establish default protection for all Gemini models.
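The template and filter steps above, as an added example that is not part of the original page or Google's own tooling: a script that builds a Model Armor template enabling the sensitive data, prompt injection and jailbreak, malicious URL, and responsible AI filters, and creates it through the Model Armor REST API. PROJECT_ID, LOCATION and TEMPLATE_ID are placeholders; the regional endpoint and the JSON field names are assumptions drawn from the Model Armor v1 API and should be checked against the current API reference before use.

```shell
#!/usr/bin/env bash
# Added example (not from the Google Cloud docs): create a Model Armor
# template that turns on the filters named in the Model Armor section
# (sensitive data protection, prompt injection / jailbreak, malicious URLs,
# responsible AI categories) through the Model Armor REST API.
# PROJECT_ID, LOCATION and TEMPLATE_ID are placeholders; the endpoint and
# JSON field names are assumed from the Model Armor v1 API.
set -euo pipefail

PROJECT_ID="${PROJECT_ID:-my-genai-project}"          # placeholder
LOCATION="${LOCATION:-us-central1}"                   # placeholder region
TEMPLATE_ID="${TEMPLATE_ID:-ai-protection-baseline}"  # placeholder

# Template body. A lower confidence threshold (LOW_AND_ABOVE) flags more
# prompts at the cost of false positives; MEDIUM_AND_ABOVE is a middle ground.
template_body() {
  cat <<'EOF'
{
  "filterConfig": {
    "raiSettings": {
      "raiFilters": [
        {"filterType": "DANGEROUS",         "confidenceLevel": "MEDIUM_AND_ABOVE"},
        {"filterType": "HATE_SPEECH",       "confidenceLevel": "MEDIUM_AND_ABOVE"},
        {"filterType": "HARASSMENT",        "confidenceLevel": "MEDIUM_AND_ABOVE"},
        {"filterType": "SEXUALLY_EXPLICIT", "confidenceLevel": "MEDIUM_AND_ABOVE"}
      ]
    },
    "sdpSettings": {"basicConfig": {"filterEnforcement": "ENABLED"}},
    "piAndJailbreakFilterSettings": {"filterEnforcement": "ENABLED",
                                     "confidenceLevel": "LOW_AND_ABOVE"},
    "maliciousUriFilterSettings": {"filterEnforcement": "ENABLED"}
  }
}
EOF
}

# Model Armor uses regional endpoints, so the location is part of the host.
template_url() {
  printf 'https://modelarmor.%s.rep.googleapis.com/v1/projects/%s/locations/%s/templates?template_id=%s' \
    "$LOCATION" "$PROJECT_ID" "$LOCATION" "$TEMPLATE_ID"
}

create_template() {
  template_body | curl -sS -X POST "$(template_url)" \
    -H "Authorization: Bearer $(gcloud auth print-access-token)" \
    -H "Content-Type: application/json" --data-binary @-
}

# Show the request by default; set APPLY=1 to send it.
if [ "${APPLY:-0}" = "1" ]; then create_template; else template_url; echo; template_body; fi
```

Floor settings are a separate project-level resource and are not covered by this template request.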

Configure Notebook Security Scanner

  1. Enable the Notebook Security Scanner service for your organization. For more information, see Enable Notebook Security Scanner.
  2. Grant the Dataform Viewer role (roles/dataform.viewer) to notebook-security-scanner-prod@system.gserviceaccount.com on all projects that contain notebooks.
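The service-account grants from the AI Discovery service section (Monitoring Viewer for the Security Command Center organization service account) and the Notebook Security Scanner section (Dataform Viewer on each notebook project), as an added example that is not part of the original page: a gcloud script that prints the planned bindings by default, applies them when asked, and verifies the organization-level binding afterwards. ORG_ID and NOTEBOOK_PROJECTS are placeholders the operator must set; the service account addresses are the ones given on the page.

```shell
#!/usr/bin/env bash
# Added example (not from the Google Cloud docs): grant the service-account
# roles from the AI Discovery and Notebook Security Scanner sections with
# gcloud instead of the console, and verify the binding afterwards.
# ORG_ID and NOTEBOOK_PROJECTS are placeholders the operator must set.
set -euo pipefail

ORG_ID="${ORG_ID:-123456789012}"              # placeholder organization ID
NOTEBOOK_PROJECTS="${NOTEBOOK_PROJECTS:-}"    # space-separated project IDs
SCC_SA="service-org-${ORG_ID}@security-center-api.gserviceaccount.com"
NSS_SA="notebook-security-scanner-prod@system.gserviceaccount.com"

# DRY_RUN=1 (the default) prints each gcloud command instead of running it,
# so the change can be reviewed first; set DRY_RUN=0 to apply.
run() {
  if [ "${DRY_RUN:-1}" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# AI Discovery: Monitoring Viewer for the SCC organization service account.
grant_monitoring_viewer() {
  run gcloud organizations add-iam-policy-binding "$ORG_ID" \
    --member="serviceAccount:${SCC_SA}" --role=roles/monitoring.viewer
}

# Notebook Security Scanner: Dataform Viewer on every project with notebooks.
grant_dataform_viewer() {
  local project
  for project in $NOTEBOOK_PROJECTS; do
    run gcloud projects add-iam-policy-binding "$project" \
      --member="serviceAccount:${NSS_SA}" --role=roles/dataform.viewer
  done
}

# Verification: succeed only if MEMBER holds ROLE on the organization.
# --flatten/--filter make the check independent of binding order.
has_org_binding() {
  local role="$1" member="$2" found
  found=$(gcloud organizations get-iam-policy "$ORG_ID" \
    --flatten="bindings[].members" \
    --filter="bindings.role:${role} AND bindings.members:${member}" \
    --format="value(bindings.members)")
  [ -n "$found" ]
}

grant_monitoring_viewer
grant_dataform_viewer
if [ "${DRY_RUN:-1}" != "1" ]; then
  has_org_binding roles/monitoring.viewer "serviceAccount:${SCC_SA}" &&
    echo "Monitoring Viewer confirmed for ${SCC_SA}"
fi
```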

Configure Sensitive Data Protection

Enable the dlp.googleapis.com API for your project and configure Sensitive Data Protection to scan for sensitive data.

  1. Enable the Data Loss Prevention API.

  2. Grant the DLP Reader and DLP Data Profiles Admin roles to AI Protection users.

  3. Configure Sensitive Data Protection to scan for sensitive data.

Optional: Configure additional high-value resources

To create a resource value configuration, follow the steps in Create a resource value configuration.

When the next attack path simulation runs, it covers the high-value resource set and generates attack paths.

What's next