Stay organized with collectionsSave and categorize content based on your preferences.
Use a shielded virtual machine with user-managed notebooks
Vertex AI Workbench user-managed notebooks isdeprecated. On
April 14, 2025, support for
user-managed notebooks will end and the ability to create user-managed notebooks instances
will be removed. Existing instances will continue to function
but patches, updates, and upgrades won't be available. To continue using
Vertex AI Workbench, we recommend that youmigrate
your user-managed notebooks instances to Vertex AI Workbench instances.
So you can be confident that your instances have not been compromised by
boot- or kernel-level malware or rootkits,
Shielded VM offers verifiable integrity of Compute Engine VM
instances.
Shielded VM's verifiable integrity is achieved through the
use ofSecure Boot,virtual trusted platform module
(vTPM)-enabledMeasured
Boot, andintegrity
monitoring.
To use Shielded VM with user-managed notebooks,
you must create
a Deep Learning VM Images with a Debian 10 OS that
isversion
M51or higher.
While using Vertex AI Workbench, you can't use
shielded VM user-managed notebooks instances
that use GPU accelerators.
Create a user-managed notebooks instance using a shielded VM
To create a shielded VM that you can use with
user-managed notebooks, complete the following steps:
Select the image familythat you want your instance to be based
on. Use the followingGoogle Cloud CLIcommand to
list the available image families that are compatible
with user-managed notebooks
and Shielded VM. You can run the command inCloud Shellor any environment where theGoogle Cloud CLIis installed.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# Use a shielded virtual machine with Vertex AI Workbench user-managed notebooks\n\nUse a shielded virtual machine with user-managed notebooks\n==========================================================\n\n\n| Vertex AI Workbench user-managed notebooks is\n| [deprecated](/vertex-ai/docs/deprecations). On\n| April 14, 2025, support for\n| user-managed notebooks will end and the ability to create user-managed notebooks instances\n| will be removed. Existing instances will continue to function\n| but patches, updates, and upgrades won't be available. To continue using\n| Vertex AI Workbench, we recommend that you\n| [migrate\n| your user-managed notebooks instances to Vertex AI Workbench instances](/vertex-ai/docs/workbench/user-managed/migrate-to-instances).\n\n\u003cbr /\u003e\n\nSo you can be confident that your instances have not been compromised by\nboot- or kernel-level malware or rootkits,\nShielded VM offers verifiable integrity of Compute Engine VM\ninstances.\nShielded VM's verifiable integrity is achieved through the\nuse of [Secure Boot](/compute/shielded-vm/docs/shielded-vm#secure-boot),\n[virtual trusted platform module\n(vTPM)](/compute/shielded-vm/docs/shielded-vm#vtpm)-enabled [Measured\nBoot](/compute/shielded-vm/docs/shielded-vm#measured-boot), and [integrity\nmonitoring](/compute/shielded-vm/docs/shielded-vm#integrity-monitoring).\n\nFor more information, see\n[Shielded VM](/security/shielded-cloud/shielded-vm).\n\nRequirements and limitations\n----------------------------\n\nTo use Shielded VM with user-managed notebooks,\nyou must create\na Deep Learning VM Images with a Debian 10 OS that\nis [version\nM51](/deep-learning-vm/docs/release-notes#July_13_2020)\nor higher.\n\nWhile using Vertex AI Workbench, you can't use\nshielded VM user-managed notebooks instances\nthat use GPU accelerators.\n\nCreate a user-managed notebooks instance using a shielded VM\n------------------------------------------------------------\n\nTo create a shielded VM that you can use with\nuser-managed notebooks, complete the following steps:\n\n1. [Select the image family](/vertex-ai/docs/workbench/user-managed/images) that you want your instance to be based\n on. Use the following [Google Cloud CLI](/sdk/gcloud) command to\n list the available image families that are compatible\n with user-managed notebooks\n and Shielded VM. You can run the command in\n [Cloud Shell](https://console.cloud.google.com?cloudshell=true)\n or any environment where the [Google Cloud CLI](/sdk/docs)\n is installed.\n\n ```bash\n gcloud compute images list \\\n --project deeplearning-platform-release \\\n --no-standard-images | grep debian-10\n ```\n2. Use the following command to create the Compute Engine instance.\n\n ```bash\n gcloud compute instances create nb-legacy2 \\\n --image-project=deeplearning-platform-release \\\n --image-family=MY_IMAGE_FAMILY \\\n --metadata=\"proxy-mode=service_account\" \\\n --scopes=https://www.googleapis.com/auth/cloud-platform \\\n --shielded-secure-boot \\\n --zone=MY_ZONE\n ```\n\n Replace the following:\n - \u003cvar translate=\"no\"\u003eMY_IMAGE_FAMILY\u003c/var\u003e: the image family name that you want to use to create your VM\n - \u003cvar translate=\"no\"\u003eMY_ZONE\u003c/var\u003e: the zone where you want your instance to be located\n3. [Register your Compute Engine VM with the\n Notebooks API](/vertex-ai/docs/workbench/user-managed/registering-legacy-notebooks#register).\n\nWhat's next\n-----------\n\n- Learn more about [user-managed notebooks image\n families](/vertex-ai/docs/workbench/user-managed/images).\n\n- Learn more about [modifying Shielded VM\n options](/compute/shielded-vm/docs/modifying-shielded-vm)."]]
