Configure AI Protection

AI Protection helps you secure your AI assets and workflows by monitoring your models, data, and AI-related infrastructure. This guide describes how to configure AI Protection.

Before you begin

  1. Get your organization ID.
  2. To create and grant roles, ensure you have the required permissions, such as the Identity and Access Management (IAM) Role Administrator (roles/iam.roleAdmin) and Organization Administrator (roles/resourcemanager.organizationAdmin) roles. For more information, see IAM roles and permissions index.

Required roles

After you complete the steps in Before you begin, follow the steps in one of the following sections to set up required roles for AI Protection access:

Custom roles

To adhere to the principle of least privilege, you can create custom IAM roles that grant only the necessary permissions for viewer or administrator access.

This document shows you how to create and grant custom roles for AI Protection.

Configure viewer access

Viewer access lets a user view the AI Protection dashboard and data. To configure viewer access, you create a custom AIP Viewer role and then grant that role to a user.

Create the AIP Viewer custom role

Create a custom role that contains all the permissions that are required for read-only access to AI Protection.

Console

  1. In the Google Cloud console, go to the Roles page.

    Go to Roles

  2. Click Create role.
  3. In the Title field, enter AIP Viewer.
  4. The ID field auto-populates. You can optionally change it to aip.viewer.
  5. In the Description field, enter Grants permissions required to view AIP dashboard and data.
  6. Set Role launch stage to General Availability.
  7. Click Add permissions.
  8. Filter for and select each of the following permissions:

    • cloudasset.assets.exportResource
    • cloudasset.assets.searchAllIamPolicies
    • cloudasset.assets.searchAllResources
    • cloudasset.assets.searchEnrichmentResourceOwners
    • cloudasset.othercloudconnections.get
    • cloudasset.othercloudconnections.list
    • cloudsecuritycompliance.controlComplianceSummaries.list
    • cloudsecuritycompliance.frameworkComplianceReports.get
    • dspm.locations.computeAggregation
    • dspm.locations.fetchLineageConnections
    • monitoring.timeSeries.list
    • resourcemanager.organizations.get
    • resourcemanager.projects.get
    • securitycentermanagement.securityCommandCenter.get
    • securitycenter.assets.group
    • securitycenter.assets.list
    • securitycenter.attackpaths.list
    • securitycenter.complianceReports.aggregate
    • securitycenter.findings.group
    • securitycenter.findings.list
    • securitycenter.issues.get
    • securitycenter.issues.group
    • securitycenter.issues.list
    • securitycenter.issues.listFilterValues
    • securitycenter.simulations.get
    • securitycenter.sources.get
    • securitycenter.sources.list
    • securitycenter.userinterfacemetadata.get
    • securitycenter.valuedresources.list
  9. Click Add.

  10. Click Create.

gcloud

  1. In a terminal, run the following gcloud command to create the role:
    gcloud iam roles create aip.viewer \
      --organization=ORGANIZATION_ID \
      --title="AIP Viewer" \
      --description="Grants permissions required to view AIP dashboard and data." \
      --permissions="cloudasset.assets.exportResource,cloudasset.assets.searchAllIamPolicies,cloudasset.assets.searchAllResources,cloudasset.assets.searchEnrichmentResourceOwners,cloudasset.othercloudconnections.get,cloudasset.othercloudconnections.list,cloudsecuritycompliance.controlComplianceSummaries.list,cloudsecuritycompliance.frameworkComplianceReports.get,dspm.locations.computeAggregation,dspm.locations.fetchLineageConnections,monitoring.timeSeries.list,resourcemanager.organizations.get,resourcemanager.projects.get,securitycentermanagement.securityCommandCenter.get,securitycenter.assets.group,securitycenter.assets.list,securitycenter.attackpaths.list,securitycenter.complianceReports.aggregate,securitycenter.findings.group,securitycenter.findings.list,securitycenter.issues.get,securitycenter.issues.group,securitycenter.issues.list,securitycenter.issues.listFilterValues,securitycenter.simulations.get,securitycenter.sources.get,securitycenter.sources.list,securitycenter.userinterfacemetadata.get,securitycenter.valuedresources.list"

Replace ORGANIZATION_ID with your organization ID.
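
A custom role only stays least-privilege if nobody adds permissions to it later. The following script is an added example, not part of the original guide: it compares a role's live permissions with the AIP Viewer list above and reports drift in both directions. The function names perm_drift and check_role are hypothetical, and the script assumes that gcloud prints the includedPermissions list separated by semicolons or newlines.

```shell
#!/bin/sh
# Added example: detect permission drift in the aip.viewer custom role.

# Permissions for the AIP Viewer role, copied from the list on this page.
AIP_VIEWER_PERMS="cloudasset.assets.exportResource,cloudasset.assets.searchAllIamPolicies,cloudasset.assets.searchAllResources,cloudasset.assets.searchEnrichmentResourceOwners,cloudasset.othercloudconnections.get,cloudasset.othercloudconnections.list,cloudsecuritycompliance.controlComplianceSummaries.list,cloudsecuritycompliance.frameworkComplianceReports.get,dspm.locations.computeAggregation,dspm.locations.fetchLineageConnections,monitoring.timeSeries.list,resourcemanager.organizations.get,resourcemanager.projects.get,securitycentermanagement.securityCommandCenter.get,securitycenter.assets.group,securitycenter.assets.list,securitycenter.attackpaths.list,securitycenter.complianceReports.aggregate,securitycenter.findings.group,securitycenter.findings.list,securitycenter.issues.get,securitycenter.issues.group,securitycenter.issues.list,securitycenter.issues.listFilterValues,securitycenter.simulations.get,securitycenter.sources.get,securitycenter.sources.list,securitycenter.userinterfacemetadata.get,securitycenter.valuedresources.list"

# usage: perm_drift EXPECTED_CSV   (hypothetical helper)
# Reads the role's actual permissions on stdin, separated by newlines,
# semicolons, or commas. Prints "+perm" for each permission that is not on
# the expected list (privilege creep) and "-perm" for each expected
# permission that is absent. No output means the role matches.
perm_drift() {
    expected=$(printf '%s\n' "$1" | tr ',;' '\n\n' | sed '/^$/d' | sort -u)
    actual=$(tr ',;' '\n\n' | sed '/^$/d' | sort -u)
    for p in $actual; do
        printf '%s\n' "$expected" | grep -Fxq -- "$p" || printf '%s\n' "+$p"
    done
    for p in $expected; do
        printf '%s\n' "$actual" | grep -Fxq -- "$p" || printf '%s\n' "-$p"
    done
}

# usage: check_role ROLE_ID ORGANIZATION_ID EXPECTED_CSV   (hypothetical helper)
# Fetches the live role definition and pipes its permissions to perm_drift.
check_role() {
    gcloud iam roles describe "$1" --organization="$2" \
        --format="value(includedPermissions)" | perm_drift "$3"
}

# Example invocation:
#   check_role aip.viewer ORGANIZATION_ID "$AIP_VIEWER_PERMS"
```

To check the AIP Essentials role the same way, pass aip.essentials and that role's permission list to check_role.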

Grant viewer access to a user

After you create the AIP Viewer custom role, grant it to users who need viewer access.

Console

  1. In the Google Cloud console, go to the IAM page.

    Go to IAM

  2. Click Grant Access.
  3. In the New principals field, enter the user's email address.
  4. In the Select a role drop-down, search for and select the AIP Viewer custom role.
  5. Click Save.

gcloud

  1. In a terminal, run the following gcloud command:
    gcloud organizations add-iam-policy-binding ORGANIZATION_ID \
      --member="user:USER_EMAIL" \
      --role="organizations/ORGANIZATION_ID/roles/aip.viewer"

Replace the following:

  • ORGANIZATION_ID: your organization ID.
  • USER_EMAIL: the user's email address.

Configure administrator access

Administrator access lets a user manage AI Protection features. To configure administrator access, you first create the AIP Essentials custom role. Then, you grant that role and the required predefined roles to a user.

Create the AIP Essentials custom role

Create a custom role that contains the essential supporting permissions required for AI Protection.

Console

  1. In the Google Cloud console, go to the Roles page.

    Go to Roles

  2. Click Create role.
  3. In the Title field, enter AIP Essentials.
  4. The ID field auto-populates. You can optionally change it to aip.essentials.
  5. In the Description field, enter Grants supporting permissions required to view AIP dashboard and data.
  6. Set Role launch stage to General Availability.
  7. Click Add permissions.
  8. Filter for and select each of the following permissions:

    • cloudasset.assets.searchEnrichmentResourceOwners
    • cloudasset.othercloudconnections.get
    • cloudasset.othercloudconnections.list
    • resourcemanager.organizations.get
    • resourcemanager.projects.get
    • securitycentermanagement.securityCommandCenter.get
    • securitycenter.assets.group
    • securitycenter.assets.list
    • securitycenter.attackpaths.list
    • securitycenter.complianceReports.aggregate
    • securitycenter.findings.group
    • securitycenter.findings.list
    • securitycenter.simulations.get
    • securitycenter.userinterfacemetadata.get
    • securitycenter.valuedresources.list
  9. Click Add.

  10. Click Create.

gcloud

  1. In a terminal, run the following gcloud command to create the role:
    gcloud iam roles create aip.essentials \
      --organization=ORGANIZATION_ID \
      --title="AIP Essentials" \
      --description="Grants supporting permissions required to view AIP dashboard and data." \
      --permissions="cloudasset.assets.searchEnrichmentResourceOwners,cloudasset.othercloudconnections.get,cloudasset.othercloudconnections.list,resourcemanager.organizations.get,resourcemanager.projects.get,securitycentermanagement.securityCommandCenter.get,securitycenter.assets.group,securitycenter.assets.list,securitycenter.attackpaths.list,securitycenter.complianceReports.aggregate,securitycenter.findings.group,securitycenter.findings.list,securitycenter.simulations.get,securitycenter.userinterfacemetadata.get,securitycenter.valuedresources.list"

Replace ORGANIZATION_ID with your organization ID.

Grant administrator access to a user

After you create the AIP Essentials custom role, grant it along with the required predefined roles to users who need administrator access.

Console

  1. In the Google Cloud console, go to the IAM page.

    Go to IAM

  2. Click Grant Access.
  3. In the New principals field, enter the user's email address.
  4. In the Select a role drop-down, search for and add each of the following roles:
    • DSPM Admin (roles/dspm.admin)
    • Model Armor Admin (roles/modelarmor.admin)
    • Model Armor Floor Settings Admin (roles/modelarmor.floorSettingsAdmin)
    • Cloud Security Compliance Admin (roles/cloudsecuritycompliance.admin)
    • Security Center Findings Viewer (roles/securityCenter.findingsViewer)
    • Monitoring Viewer (roles/monitoring.viewer)
    • Cloud Asset Viewer (roles/cloudasset.viewer)
    • The custom AIP Essentials role you created.
  5. Click Save.

gcloud

  1. In a terminal, run the following commands, one for each role:
    gcloud organizations add-iam-policy-binding ORGANIZATION_ID \
      --member="user:USER_EMAIL" \
      --role="roles/dspm.admin"

    gcloud organizations add-iam-policy-binding ORGANIZATION_ID \
      --member="user:USER_EMAIL" \
      --role="roles/modelarmor.admin"

    gcloud organizations add-iam-policy-binding ORGANIZATION_ID \
      --member="user:USER_EMAIL" \
      --role="roles/modelarmor.floorSettingsAdmin"

    gcloud organizations add-iam-policy-binding ORGANIZATION_ID \
      --member="user:USER_EMAIL" \
      --role="roles/cloudsecuritycompliance.admin"

    gcloud organizations add-iam-policy-binding ORGANIZATION_ID \
      --member="user:USER_EMAIL" \
      --role="roles/securityCenter.findingsViewer"

    gcloud organizations add-iam-policy-binding ORGANIZATION_ID \
      --member="user:USER_EMAIL" \
      --role="roles/monitoring.viewer"

    gcloud organizations add-iam-policy-binding ORGANIZATION_ID \
      --member="user:USER_EMAIL" \
      --role="roles/cloudasset.viewer"

    gcloud organizations add-iam-policy-binding ORGANIZATION_ID \
      --member="user:USER_EMAIL" \
      --role="organizations/ORGANIZATION_ID/roles/aip.essentials"

Replace the following:

  • ORGANIZATION_ID: your organization ID.
  • USER_EMAIL: the user's email address.

Predefined roles

To get the permissions that you need to configure AI Protection and view dashboard data, ask your administrator to grant you the following IAM roles on your organization:

For more information about granting roles, see Manage access to projects, folders, and organizations.

You might also be able to get the required permissions through custom roles or other predefined roles.

The following Google Cloud CLI commands can be used to assign the preceding roles to a user:

Assign roles using gcloud CLI

  • To grant the Security Center Admin role to a user, run the following command:

    gcloud organizations add-iam-policy-binding ORGANIZATION_ID \
      --member=user:USER_EMAIL_ID \
      --role=roles/securitycenter.admin
  • To grant the Security Center Admin Viewer role to a user, run the following command:

    gcloud organizations add-iam-policy-binding ORGANIZATION_ID \
      --member=user:USER_EMAIL_ID \
      --role=roles/securitycenter.adminViewer

    Replace the following:

    • ORGANIZATION_ID: the numeric organization ID
    • USER_EMAIL_ID: the email address of the user who requires access

Supported regions

For a list of regions where AI Protection is supported, see Regional endpoints.

Access for service accounts

Ensure that organization policies don't block any service accounts mentioned in the following sections.

Set up AI Protection

Complete the following to enable AI Protection at the organization level:

Premium

  1. If you haven't activated Security Command Center in your organization, activate Security Command Center Premium.
  2. After activating the Premium service tier of Security Command Center, set up AI Protection by going to Settings > Manage Settings on the AI Protection card.

    Go to AI Protection settings

  3. Enable discovery of the resources that you want to protect with AI Protection.
  4. Check your AI security dashboard by going to Risk Overview > AI Security.

Enterprise

  1. If you haven't activated Security Command Center in your organization, activate Security Command Center Enterprise.
  2. After activating the Enterprise service tier of Security Command Center, set up AI Protection by using the guidance in the SCC Setup Guide.

    Go to Setup guide

    1. Expand the Review security capabilities summary panel.
    2. From the AI protection panel, click Set up.
    3. Follow the directions to check whether required and dependent services for AI Protection are configured. To understand what is automatically enabled and what requires additional configuration, see Activate and configure Google Cloud services.
  3. Enable discovery of the resources that you want to protect with AI Protection.

Activate and configure Google Cloud services

After activating Security Command Center Premium or Enterprise, activate and configure additional Google Cloud services to use the full capabilities of AI Protection.

The following services are automatically activated:

  • Agent Engine Threat Detection (Preview)
  • AI Discovery service
  • Attack Path Simulations
  • Cloud Audit Logs
  • Cloud Monitoring
  • Compliance Manager
  • Event Threat Detection
  • Data Security Posture Management
  • Notebook Security Scanner
  • Sensitive Data Protection

The following services are required for AI Protection:

Some of these services require additional configuration, as outlined in the following sections.

Configure AI Discovery service

AI Discovery service is automatically activated as part of Security Command Center Enterprise onboarding. The Monitoring Viewer (roles/monitoring.viewer) IAM role is provided, but check that it's applied to the Security Command Center Enterprise organization service account.

  1. In the Google Cloud console, go to the IAM page.

    Go to IAM

  2. Click Grant Access.

  3. In the New principals field, enter the Security Command Center Enterprise organization service account. The service account uses the format service-org-ORG_ID@security-center-api.gserviceaccount.com. Replace ORG_ID with your organization ID.

  4. In the Select a role field, select Monitoring Viewer.

  5. Click Save.
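
The steps above, and the earlier Grant administrator access to a user section, add bindings but don't confirm them. The following script is an added example, not part of the original guide: it reads the organization IAM policy and prints any required role that a principal lacks, both for an administrator user and for the Security Command Center service account. All function names are hypothetical, and only bindings made directly on the organization are inspected.

```shell
#!/bin/sh
# Added example: report required role bindings that a principal lacks.

# Roles this page lists for administrator access, one per line.
admin_roles() {  # usage: admin_roles ORGANIZATION_ID
    cat <<EOF
roles/dspm.admin
roles/modelarmor.admin
roles/modelarmor.floorSettingsAdmin
roles/cloudsecuritycompliance.admin
roles/securityCenter.findingsViewer
roles/monitoring.viewer
roles/cloudasset.viewer
organizations/$1/roles/aip.essentials
EOF
}

# Reads the roles bound to a principal on stdin (one per line) and prints
# every role from the required list ($1) that is not among them.
# No output means every required role is bound.
missing_roles() {
    granted=$(cat)
    for r in $1; do
        printf '%s\n' "$granted" | grep -Fxq -- "$r" || printf '%s\n' "$r"
    done
}

# Roles bound directly to MEMBER in the organization's IAM policy. Roles
# that reach the principal through group membership are not included.
roles_bound_to() {  # usage: roles_bound_to ORGANIZATION_ID MEMBER
    gcloud organizations get-iam-policy "$1" \
        --flatten="bindings[].members" \
        --filter="bindings.members:$2" \
        --format="value(bindings.role)"
}

audit_admin_user() {  # usage: audit_admin_user ORGANIZATION_ID USER_EMAIL
    roles_bound_to "$1" "user:$2" | missing_roles "$(admin_roles "$1")"
}

audit_scc_service_account() {  # usage: audit_scc_service_account ORGANIZATION_ID
    roles_bound_to "$1" \
        "serviceAccount:service-org-$1@security-center-api.gserviceaccount.com" |
        missing_roles "roles/monitoring.viewer"
}
```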

Configure advanced DSPM cloud controls

Configure DSPM with advanced cloud controls for data access, flow, and protection. For more information, see Deploy advanced data security cloud controls.

When creating a custom framework that applies to AI workloads, include these cloud controls:

  • Data Access Governance: Restrict access to sensitive data to specific principals, such as users or groups. You specify allowed principals using IAM v2 principal identifier syntax. For example, you can create a policy to allow only members of gdpr-processing-team@example.com to access specific resources.
  • Data Flow Governance: Restrict data flow to specific regions. For example, you can create a policy to allow data to be accessed only from the US or EU. You specify the allowed country codes using Unicode Common Locale Data Repository (CLDR).
  • Data Protection (with CMEK): Identify resources created without customer-managed encryption keys (CMEK) and receive recommendations. For example, you can create a policy to detect resources created without CMEK for storage.googleapis.com and bigquery.googleapis.com. This policy detects unencrypted assets but doesn't prevent them from being created.

Configure Model Armor

  1. Enable the modelarmor.googleapis.com service for each project that has generative AI activity. For more information, see Get started with Model Armor.
  2. Configure the following settings to define security and safety settings for large language model (LLM) prompts and responses:
    • Model Armor templates: Create a Model Armor template. These templates define the types of risks to detect, such as sensitive data, prompt injection, and jailbreak attempts. They also define the minimum thresholds for those filters.
    • Filters: Model Armor uses various filters to identify risks, including malicious URL detection, prompt injection and jailbreak detection, and sensitive data protection.
    • Floor settings: Configure the project-level floor settings to establish default protection for all Gemini models.

Configure Notebook Security Scanner

  1. Enable the Notebook Security Scanner service for your organization. For more information, see Enable Notebook Security Scanner.
  2. Grant the Dataform Viewer role (roles/dataform.viewer) to notebook-security-scanner-prod@system.gserviceaccount.com on all projects that contain Notebooks.

Configure Sensitive Data Protection

Enable the dlp.googleapis.com API for your project and configure Sensitive Data Protection to scan for sensitive data.

  1. Enable the Data Loss Prevention API.

    Roles required to enable APIs

    To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains the serviceusage.services.enable permission. Learn how to grant roles.

    Enable the API

  2. Grant the DLP Reader and DLP Data Profiles Admin roles to AI Protection users.

  3. Configure Sensitive Data Protection to scan for sensitive data.

Optional: Configure additional high-value resources

To create a resource value configuration, follow the steps in Create a resource value configuration.

When the next attack path simulation runs, it covers the high-value resource set and generates attack paths.

Limitations

AI Protection for the Security Command Center Premium tier has the following limitations for environments that are enabled for data residency:

  • AI Protection requires manual activation. AI Protection doesn't scan for threats or provide threat protection for these environments until activated.
  • You cannot access the AI Security dashboard or the AI Assets page. Both of these are disabled for these environments.

For more information on data residency, see Planning for data residency.
