Ensure Integrity Monitoring for Shielded Vertex AI Notebook Instances is Enabled
Description
This policy checks whether Integrity Monitoring is enabled for Shielded Vertex AI Notebook Instances. Integrity Monitoring adds a layer of security by monitoring the instance's boot process and verifying its integrity. Enabling it helps prevent unauthorized modifications to the boot process, which could compromise the instance's security, and so protects the sensitive data that Vertex AI Notebook Instances process.
Code Example
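```terraform
resource "google_notebooks_instance" "example" {
  # Other arguments (name, location, machine_type, ...) omitted.
  shielded_instance_config {
    # The setting this policy checks.
    enable_integrity_monitoring = true
  }
}
```
Remediation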
Enable Integrity Monitoring for Shielded Vertex AI Notebook Instances by setting enable_integrity_monitoring to true in the shielded_instance_config block.
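An added example, not part of the original policy page or of Checkov: a Python check of the same setting against the JSON form of a Terraform plan (`terraform show -json`), including resources declared in child modules. The sample plan is constructed, and failing an unset attribute only when `require_explicit` is set is an assumption of this example.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "google_notebooks_instance.ok", "type": "google_notebooks_instance",
     "values": {"shielded_instance_config": [{"enable_integrity_monitoring": true}]}},
    {"address": "google_notebooks_instance.off", "type": "google_notebooks_instance",
     "values": {"shielded_instance_config": [{"enable_integrity_monitoring": false}]}},
    {"address": "google_compute_network.net", "type": "google_compute_network", "values": {}}
  ],
  "child_modules": [{"address": "module.lab", "resources": [
    {"address": "module.lab.google_notebooks_instance.unset",
     "type": "google_notebooks_instance", "values": {}}
  ]}]
}}}
""")


def iter_resources(module):
    """Yield every resource in a module and, recursively, in its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def find_violations(plan, require_explicit=False):
    """Return addresses of notebook instances that fail the check.

    An explicit false always fails. An unset attribute or missing block fails
    only when require_explicit is True (a choice made by this example).
    """
    failed = []
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in iter_resources(root):
        if res.get("type") != "google_notebooks_instance":
            continue
        # Nested blocks appear in plan JSON as a list of objects.
        blocks = (res.get("values") or {}).get("shielded_instance_config") or [{}]
        setting = blocks[0].get("enable_integrity_monitoring")
        if setting is False or (setting is None and require_explicit):
            failed.append(res["address"])
    return failed


if __name__ == "__main__":
    for address in find_violations(SAMPLE_PLAN, require_explicit=True):
        print(f"FAIL IAC-0985 {address}")
```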
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0985 |
| Severity | MEDIUM |
| IaC Type | Terraform |
| Frameworks | google_notebooks_instance |
| Checkov ID | CKV_GCP_127 |