{"id":569,"date":"2026-04-14T13:32:17","date_gmt":"2026-04-14T13:32:17","guid":{"rendered":"https:\/\/www.devopsschool.com\/tutorials\/google-cloud-vertex-ai-model-registry-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-ai-and-ml\/"},"modified":"2026-04-14T13:32:17","modified_gmt":"2026-04-14T13:32:17","slug":"google-cloud-vertex-ai-model-registry-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-ai-and-ml","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/tutorials\/google-cloud-vertex-ai-model-registry-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-ai-and-ml\/","title":{"rendered":"Google Cloud Vertex AI Model Registry Tutorial: Architecture, Pricing, Use Cases, and Hands-On Guide for AI and ML"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Category<\/h2>\n\n\n\n<p>AI and ML<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">1. Introduction<\/h2>\n\n\n\n<p>Vertex AI Model Registry is Google Cloud\u2019s managed place to <strong>register, organize, version, and govern machine learning models<\/strong> used across your teams and environments. It provides a consistent \u201csystem of record\u201d for models so that training outputs from notebooks, pipelines, or CI\/CD can be tracked and reused for deployment\u2014without relying on ad-hoc bucket paths and tribal knowledge.<\/p>\n\n\n\n<p>In simple terms: <strong>Model Registry is where you store the model \u201centry\u201d (metadata + pointers to artifacts + serving container settings)<\/strong> so your team can reliably find the right model version, understand what it is, and use it downstream for testing or production rollout.<\/p>\n\n\n\n<p>Technically, Vertex AI Model Registry is built on Vertex AI\u2019s <strong>Model resources<\/strong> in a specific Google Cloud <strong>project and region<\/strong>. 
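<\/p>\n\n\n\n<p>To make this concrete, registering a trained model with the Python SDK looks roughly like this (a minimal sketch using the <code>google-cloud-aiplatform<\/code> package; the project, bucket path, display name, and serving image below are placeholder values\u2014check the current <code>Model.upload<\/code> parameters in the SDK reference before relying on them):<\/p>\n\n\n\n<pre><code class=\"language-python\">from google.cloud import aiplatform\n\n# Initialize the SDK for a specific project and region\naiplatform.init(project=\"my-project\", location=\"us-central1\")\n\n# Register (upload) a model: metadata + artifact pointer + serving container\nmodel = aiplatform.Model.upload(\n    display_name=\"churn-classifier\",\n    artifact_uri=\"gs:\/\/my-bucket\/models\/churn\/v1\",\n    serving_container_image_uri=(\n        \"us-docker.pkg.dev\/vertex-ai\/prediction\/sklearn-cpu.1-3:latest\"\n    ),\n    labels={\"team\": \"growth\", \"env\": \"dev\"},\n)\n\n# Fully qualified resource name: projects\/...\/locations\/...\/models\/...\nprint(model.resource_name)\n<\/code><\/pre>\n\n\n\n<p>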
A registered model includes metadata (display name, labels, description, versions\/aliases) and links to the model artifacts (commonly in Cloud Storage) plus optional serving configuration (for online prediction). It integrates with Vertex AI Pipelines\/metadata lineage and deploys to Vertex AI Endpoints for serving.<\/p>\n\n\n\n<p>The problem it solves is common in ML engineering: <strong>model sprawl and lack of traceability<\/strong>. Without a registry, teams lose track of which model is in production, how it was trained, where artifacts live, which container serves it, who approved changes, and how to roll back. Vertex AI Model Registry makes those practices manageable, repeatable, and auditable.<\/p>\n\n\n\n<blockquote>\n<p>Service name check (renames\/deprecations): The current Google Cloud service name is <strong>Vertex AI Model Registry<\/strong>. It is part of <strong>Vertex AI<\/strong> (AI and ML). Capabilities evolve; always verify the latest behavior in the official docs before standardizing an enterprise workflow.<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">2. 
What is Vertex AI Model Registry?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Official purpose<\/h3>\n\n\n\n<p>Vertex AI Model Registry is the Vertex AI capability used to <strong>register and manage models and model versions<\/strong> so they can be discovered, governed, and used consistently for deployment, evaluation, and lifecycle management.<\/p>\n\n\n\n<p>Official documentation entry point:\n&#8211; https:\/\/cloud.google.com\/vertex-ai\/docs\/model-registry<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Core capabilities<\/h3>\n\n\n\n<p>At a practical level, Vertex AI Model Registry helps you:\n&#8211; <strong>Register (upload\/import) models<\/strong> into Vertex AI as first-class resources.\n&#8211; <strong>Track versions<\/strong> of a model (where supported\/used) and distinguish them with metadata.\n&#8211; <strong>Attach metadata<\/strong> like labels, descriptions, and (optionally) lineage links from pipelines.\n&#8211; <strong>Standardize deployment inputs<\/strong> (artifacts + serving container or prediction schema) so teams deploy consistently.\n&#8211; <strong>Discover and reuse models<\/strong> across teams in a project\/region using the console, CLI, or APIs.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Major components (conceptual)<\/h3>\n\n\n\n<p>While Google Cloud implementation details are exposed through Vertex AI resources, think of Model Registry as:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Component<\/th>\n<th>What it represents<\/th>\n<th>Where it lives<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Registered model<\/td>\n<td>A Vertex AI <strong>Model<\/strong> resource with metadata and pointers to artifacts<\/td>\n<td>Vertex AI in a project + region<\/td>\n<\/tr>\n<tr>\n<td>Model artifacts<\/td>\n<td>The actual model files (SavedModel, joblib\/pkl, etc.)<\/td>\n<td>Typically Cloud Storage<\/td>\n<\/tr>\n<tr>\n<td>Serving configuration<\/td>\n<td>Container image + routes\/ports\/env (for custom serving) or 
prebuilt serving settings<\/td>\n<td>Stored on the Model resource<\/td>\n<\/tr>\n<tr>\n<td>Versions \/ aliases<\/td>\n<td>Mechanism to manage multiple iterations of a model and refer to \u201cprod\u201d, \u201cstaging\u201d, etc.<\/td>\n<td>On\/under the Model resource (feature set may evolve\u2014verify in docs)<\/td>\n<\/tr>\n<tr>\n<td>Lineage\/metadata<\/td>\n<td>Links to how the model was produced (pipeline run, dataset, training job)<\/td>\n<td>Vertex ML Metadata \/ Vertex AI Pipelines integration<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Service type<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Managed control-plane service<\/strong> within Vertex AI.<\/li>\n<li>Exposed via <strong>Google Cloud Console<\/strong>, <strong>Vertex AI API<\/strong>, and <strong>gcloud<\/strong>.<\/li>\n<li>Works with other managed services (Cloud Storage, Artifact Registry, Cloud Build, Vertex AI Endpoints).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Scope (regional\/project)<\/h3>\n\n\n\n<p>Vertex AI resources (including models) are typically:\n&#8211; <strong>Project-scoped<\/strong>: models belong to a Google Cloud project.\n&#8211; <strong>Region-scoped<\/strong>: models are created in a specific Vertex AI location (for example, <code>us-central1<\/code>).<br\/>\n  This affects where the model resource exists and where some operations can run.<\/p>\n\n\n\n<p>Always align:\n&#8211; Model Registry region\n&#8211; Artifact location (Cloud Storage bucket region\/multi-region)\n&#8211; Serving region (Vertex AI Endpoint location)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How it fits into the Google Cloud ecosystem<\/h3>\n\n\n\n<p>Vertex AI Model Registry sits at the center of an ML platform on Google Cloud:\n&#8211; <strong>Upstream<\/strong>: training jobs (Vertex AI training), notebooks (Vertex AI Workbench), pipelines (Vertex AI Pipelines), CI\/CD (Cloud Build), data (BigQuery, Cloud Storage).\n&#8211; 
<strong>Downstream<\/strong>: online serving (Vertex AI Endpoints), batch prediction, monitoring, logging, governance (Cloud Logging, Cloud Audit Logs), security controls (IAM, VPC Service Controls, CMEK where supported).<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">3. Why use Vertex AI Model Registry?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Business reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Faster delivery to production<\/strong>: teams waste less time locating \u201cthe right model.\u201d<\/li>\n<li><strong>Reduced production risk<\/strong>: consistent versioning and metadata reduce accidental deployments.<\/li>\n<li><strong>Auditability<\/strong>: clearer evidence of what ran where, when, and by whom (with Audit Logs).<\/li>\n<li><strong>Cross-team reuse<\/strong>: a shared registry prevents duplicate efforts.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Technical reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Standard model resource<\/strong>: a single API surface for models regardless of how they were trained.<\/li>\n<li><strong>Version organization<\/strong>: manage model iterations without relying on bucket folder names.<\/li>\n<li><strong>Seamless deployment<\/strong>: registered models are deployable to Vertex AI Endpoints (when configured).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operational reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Repeatable workflows<\/strong>: CI\/CD can upload\/register models the same way every time.<\/li>\n<li><strong>Environment separation<\/strong>: use separate projects (dev\/stage\/prod) or labels to distinguish releases.<\/li>\n<li><strong>Troubleshooting<\/strong>: easier to correlate model changes with incidents and roll back.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Security\/compliance reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>IAM-controlled access<\/strong>: limit who 
can upload, update, or deploy models.<\/li>\n<li><strong>Central governance point<\/strong>: enforce labeling, naming, and ownership rules.<\/li>\n<li><strong>Audit logs<\/strong>: record admin activity for investigations and compliance.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Scalability\/performance reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Scales with organization<\/strong>: registry patterns hold up as model counts grow.<\/li>\n<li><strong>Improves MLOps throughput<\/strong>: reduces manual coordination and deployment friction.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">When teams should choose it<\/h3>\n\n\n\n<p>Choose Vertex AI Model Registry if:\n&#8211; You deploy models to Vertex AI Endpoints or manage models across teams.\n&#8211; You need traceability and consistent model packaging standards.\n&#8211; You run multiple experiments and require a controlled \u201cpromotion\u201d path.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">When teams should not choose it<\/h3>\n\n\n\n<p>Consider alternatives if:\n&#8211; You are fully on-prem or need a self-managed registry (for example, MLflow) with custom governance rules.\n&#8211; Your serving platform is entirely outside Google Cloud and you only need artifact storage (Cloud Storage\/Artifact Registry might suffice).\n&#8211; Your org is not ready for MLOps practices (you may need to start with standardized artifact naming + metadata first).<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">4. 
Where is Vertex AI Model Registry used?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Industries<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Finance (credit risk models, fraud detection)<\/li>\n<li>Retail\/e-commerce (recommendations, demand forecasting)<\/li>\n<li>Manufacturing (predictive maintenance)<\/li>\n<li>Healthcare\/life sciences (risk stratification, imaging models\u2014subject to strict compliance)<\/li>\n<li>Media\/ads (ranking, targeting models)<\/li>\n<li>SaaS (churn prediction, personalization)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Team types<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Central platform\/ML enablement teams building a shared MLOps platform<\/li>\n<li>Product ML teams owning models end-to-end<\/li>\n<li>DevOps\/SRE teams supporting ML production systems<\/li>\n<li>Governance\/security teams needing auditability and controls<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Workloads<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Supervised learning models (classification\/regression)<\/li>\n<li>NLP and ranking models<\/li>\n<li>Time-series forecasting<\/li>\n<li>Computer vision<\/li>\n<li>Generative AI tuned models (where supported in Vertex AI\u2014verify current product behavior)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Architectures<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>CI\/CD-driven training and release pipelines (Cloud Build + Vertex AI)<\/li>\n<li>Pipeline-driven ML (Vertex AI Pipelines + Model Registry as final artifact store)<\/li>\n<li>Multi-project environments (dev\/stage\/prod separation)<\/li>\n<li>Hybrid: training on Vertex, serving elsewhere but using registry for governance<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Real-world deployment contexts<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Production<\/strong>: models registered, versioned, and deployed to endpoints with monitoring.<\/li>\n<li><strong>Dev\/test<\/strong>: frequent uploads, short-lived 
versions, sandbox deployments.<\/li>\n<li><strong>Regulated environments<\/strong>: strict IAM, controlled promotion process, logging and review.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">5. Top Use Cases and Scenarios<\/h2>\n\n\n\n<p>Below are realistic scenarios where Vertex AI Model Registry is a good fit.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1) Central registry for all production models<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Teams store models in separate buckets and cannot reliably identify production artifacts.<\/li>\n<li><strong>Why it fits<\/strong>: Model Registry provides a consistent catalog with IAM, labels, and searchable metadata.<\/li>\n<li><strong>Example<\/strong>: A platform team mandates that every production model must be registered with labels <code>owner<\/code>, <code>env<\/code>, and <code>data-classification<\/code>.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2) Model versioning for safe rollouts<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: A new model release breaks predictions and rollback is slow.<\/li>\n<li><strong>Why it fits<\/strong>: Model Registry stores versions so your deployment process can quickly switch back.<\/li>\n<li><strong>Example<\/strong>: Keep <code>v12<\/code> and <code>v13<\/code> registered; deploy <code>v13<\/code> gradually and roll back to <code>v12<\/code> if metrics degrade.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3) CI\/CD pipeline \u201cregister on success\u201d<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Training scripts produce artifacts but nothing guarantees they are usable\/deployable.<\/li>\n<li><strong>Why it fits<\/strong>: The final pipeline stage uploads to Vertex AI Model Registry and fails if packaging is wrong.<\/li>\n<li><strong>Example<\/strong>: Cloud Build triggers on Git tag <code>model-*<\/code>, runs tests, builds a 
container, uploads the model, and adds labels for release tracking.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4) Standardized serving container governance<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Different teams use different inference servers; hard to maintain and secure.<\/li>\n<li><strong>Why it fits<\/strong>: Registry entries can pin the serving container image and expected predict route\/ports.<\/li>\n<li><strong>Example<\/strong>: Security requires inference containers to be built from a hardened base image; registry points to those approved images.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">5) Cross-environment promotion (dev \u2192 stage \u2192 prod)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: \u201cWorks in dev\u201d models get deployed to prod without consistent promotion checks.<\/li>\n<li><strong>Why it fits<\/strong>: Use separate projects or version aliases and labels to indicate release stage.<\/li>\n<li><strong>Example<\/strong>: <code>my-model@staging<\/code> gets validated; a promotion job copies or re-registers it into the prod project.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">6) Pipeline lineage and traceability (model-to-data)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: After an incident, you can\u2019t prove which dataset or training code produced a model.<\/li>\n<li><strong>Why it fits<\/strong>: Vertex AI Pipelines + metadata can associate runs and artifacts with the registered model.<\/li>\n<li><strong>Example<\/strong>: A pipeline run writes metadata that ties model version to BigQuery dataset snapshot.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">7) Multi-team discovery and reuse<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Teams rebuild similar models because they can\u2019t find existing ones.<\/li>\n<li><strong>Why it fits<\/strong>: Registry is searchable; standard 
naming\/labels help discoverability.<\/li>\n<li><strong>Example<\/strong>: Fraud team finds the risk model used in another region and reuses the pipeline or artifacts.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">8) Controlled access for regulated models<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Sensitive models must not be modified or deployed by unauthorized users.<\/li>\n<li><strong>Why it fits<\/strong>: IAM on Vertex AI resources plus centralized registry workflow.<\/li>\n<li><strong>Example<\/strong>: Only a release engineering group can upload\/update models; product teams can only view and request promotion.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">9) Batch prediction reproducibility<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Batch jobs run with \u201clatest\u201d artifact path and silently change behavior.<\/li>\n<li><strong>Why it fits<\/strong>: Batch prediction jobs can reference a specific registered model ID\/version.<\/li>\n<li><strong>Example<\/strong>: Monthly forecast job always uses <code>model version v2026-03<\/code> and logs the model ID.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">10) Blue\/green or canary endpoint releases<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Rolling out a new model risks downtime or business KPI drops.<\/li>\n<li><strong>Why it fits<\/strong>: Registry + endpoints enable controlled deployment strategies (traffic split is handled at endpoint\/deployment level).<\/li>\n<li><strong>Example<\/strong>: Deploy new model version to the same endpoint with 10% traffic, then increase.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">11) Model retirement and inventory management<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Old models remain deployed or referenced and create security risk.<\/li>\n<li><strong>Why it fits<\/strong>: Registry inventory helps identify stale models; 
enforce lifecycle policies and cleanup.<\/li>\n<li><strong>Example<\/strong>: Quarterly review finds models without owners; archive\/disable deployments.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">12) Incident response and rollback<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Unexpected prediction skew after a data pipeline change.<\/li>\n<li><strong>Why it fits<\/strong>: Registry enables quick identification of deployed model version and rollback path.<\/li>\n<li><strong>Example<\/strong>: On-call sees endpoint uses <code>model version v15<\/code>; rollback to <code>v14<\/code> while investigating.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">6. Core Features<\/h2>\n\n\n\n<blockquote>\n<p>Note: Vertex AI feature sets evolve. For any feature that is newly introduced or subject to change (especially versions\/aliases UI behavior), <strong>verify in official docs<\/strong> before building a hard dependency into your release process.<\/p>\n<\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">1) Model registration (upload\/import)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: Creates a Vertex AI Model resource that references model artifacts and serving configuration.<\/li>\n<li><strong>Why it matters<\/strong>: Converts \u201csome files in a bucket\u201d into a managed, discoverable, deployable asset.<\/li>\n<li><strong>Practical benefit<\/strong>: Teams can list\/describe models, control access, and deploy consistently.<\/li>\n<li><strong>Caveats<\/strong>: Artifacts must follow the expectations of the chosen serving approach (prebuilt vs custom container).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2) Metadata: labels, descriptions, and resource organization<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: Lets you attach searchable metadata to model entries.<\/li>\n<li><strong>Why it matters<\/strong>: 
Enables governance, cost allocation, ownership, and lifecycle management.<\/li>\n<li><strong>Practical benefit<\/strong>: Filter models by <code>team=fraud<\/code>, <code>env=prod<\/code>, <code>pii=false<\/code>, etc.<\/li>\n<li><strong>Caveats<\/strong>: Labels are not a replacement for a formal approval workflow; enforce label policies via automation.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3) Model versions (where applicable) and lifecycle organization<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: Enables multiple iterations under a model identity (and\/or multiple model resources with conventions).<\/li>\n<li><strong>Why it matters<\/strong>: You can keep a stable \u201cmodel name\u201d while iterating versions.<\/li>\n<li><strong>Practical benefit<\/strong>: Rollback and comparison are easier.<\/li>\n<li><strong>Caveats<\/strong>: The exact UX and API fields for versions\/aliases may change\u2014<strong>verify in docs and API reference<\/strong> for your chosen workflow.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4) Integration with Vertex AI Endpoints (deployment)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: A registered model can be deployed to an Endpoint for online prediction (if compatible).<\/li>\n<li><strong>Why it matters<\/strong>: Registry and serving are connected; you don\u2019t deploy random artifacts.<\/li>\n<li><strong>Practical benefit<\/strong>: Shorter path from \u201ctrained\u201d to \u201cserved.\u201d<\/li>\n<li><strong>Caveats<\/strong>: Online prediction has additional costs and operational responsibilities (SLOs, scaling, monitoring).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">5) Integration with Vertex AI Pipelines and ML Metadata (lineage)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: Pipelines can produce registered models and record lineage\/metadata for traceability.<\/li>\n<li><strong>Why it 
matters<\/strong>: Critical for regulated environments and debugging.<\/li>\n<li><strong>Practical benefit<\/strong>: Tie a model back to pipeline run, parameters, dataset version, and code revision.<\/li>\n<li><strong>Caveats<\/strong>: Lineage quality depends on your pipeline design and metadata capture discipline.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">6) Console, API, and CLI access<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: Manage models via UI, REST\/gRPC API, and <code>gcloud<\/code>.<\/li>\n<li><strong>Why it matters<\/strong>: Supports both interactive and automated workflows.<\/li>\n<li><strong>Practical benefit<\/strong>: Devs can explore in console; platform teams can automate in CI\/CD.<\/li>\n<li><strong>Caveats<\/strong>: Ensure <code>gcloud<\/code> SDK is updated; commands\/flags can evolve.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">7) IAM-based access control<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: Use Google Cloud IAM roles to control model operations.<\/li>\n<li><strong>Why it matters<\/strong>: Prevents unauthorized uploads\/deployments\/updates.<\/li>\n<li><strong>Practical benefit<\/strong>: Separate duties (data scientist can register; only SRE can deploy).<\/li>\n<li><strong>Caveats<\/strong>: Overly broad roles (like project Editor) weaken governance.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">8) Auditability via Cloud Audit Logs<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: Records administrative actions on Vertex AI resources.<\/li>\n<li><strong>Why it matters<\/strong>: Supports incident investigation and compliance.<\/li>\n<li><strong>Practical benefit<\/strong>: Track who uploaded a model and when.<\/li>\n<li><strong>Caveats<\/strong>: Audit log retention\/export is your responsibility (for example, log sinks to BigQuery).<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 
class=\"wp-block-heading\">7. Architecture and How It Works<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">High-level architecture<\/h3>\n\n\n\n<p>Vertex AI Model Registry is a control-plane system that stores:\n&#8211; A model\u2019s identity and metadata (name, labels, timestamps)\n&#8211; A pointer to artifacts (commonly in Cloud Storage)\n&#8211; Serving configuration (container image and predict\/health routes) when needed<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Request\/data\/control flow (typical)<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Training produces model artifacts (local, Vertex training job, or pipeline).<\/li>\n<li>Artifacts are stored in <strong>Cloud Storage<\/strong> (or another supported location pattern).<\/li>\n<li>A CI\/CD job or pipeline calls <strong>Vertex AI API<\/strong> to upload a model and create a Model resource in the registry.<\/li>\n<li>Later, a deployment workflow selects a specific model (and version) and deploys to <strong>Vertex AI Endpoint<\/strong>.<\/li>\n<li>Operations teams monitor logs\/metrics; updates result in new versions\/registrations.<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\">Integrations with related services<\/h3>\n\n\n\n<p>Common integrations include:\n&#8211; <strong>Cloud Storage<\/strong>: primary artifact store for model files.\n&#8211; <strong>Artifact Registry<\/strong>: stores custom serving container images.\n&#8211; <strong>Cloud Build<\/strong>: builds and scans containers, automates registration.\n&#8211; <strong>Vertex AI Pipelines<\/strong>: creates models as pipeline outputs and captures metadata lineage.\n&#8211; <strong>Cloud Logging<\/strong> + <strong>Cloud Monitoring<\/strong>: operational visibility.\n&#8211; <strong>IAM<\/strong> + <strong>Cloud Audit Logs<\/strong>: access control and auditing.\n&#8211; <strong>VPC Service Controls<\/strong> (optional): perimeter security for sensitive environments.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Dependency 
services<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Vertex AI API enabled in the project<\/li>\n<li>Cloud Storage for artifacts<\/li>\n<li>Artifact Registry for serving containers (if using custom containers)<\/li>\n<li>A supported runtime for prediction (custom container or prebuilt)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Security\/authentication model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Authentication via <strong>IAM<\/strong> using user credentials, service accounts, or workload identity federation.<\/li>\n<li>Authorization via Vertex AI IAM permissions (roles like Admin\/User\/Viewer).<\/li>\n<li>Service accounts are typically used for automated uploads\/registrations.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Networking model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Registry operations are control-plane API calls to Google Cloud endpoints.<\/li>\n<li>Artifact access may require:<\/li>\n<li>Proper IAM permissions to the Cloud Storage bucket<\/li>\n<li>(Optional) VPC Service Controls to restrict data exfiltration<\/li>\n<li>If you deploy models, online prediction traffic is served via Vertex AI endpoints and can be configured with public\/private options (verify current endpoint networking options in docs).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Monitoring\/logging\/governance considerations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Audit Logs<\/strong>: track model creation\/update\/deployment actions.<\/li>\n<li><strong>Labeling strategy<\/strong>: standardize labels for owner, environment, cost center, compliance domain.<\/li>\n<li><strong>Log sinks<\/strong>: export audit logs to BigQuery or a SIEM if needed.<\/li>\n<li><strong>Policy enforcement<\/strong>: use org policies and automation (Cloud Build checks) to ensure models meet requirements.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Simple architecture diagram<\/h3>\n\n\n\n<pre><code class=\"language-mermaid\">flowchart LR\n  
A[Training code\\nNotebook\/Pipeline\/CI] --&gt; B[Model artifacts\\nCloud Storage]\n  A --&gt; C[Container image\\nArtifact Registry]\n  B --&gt; D[\"Vertex AI Model Registry\\n(Model resource)\"]\n  C --&gt; D\n  D --&gt; E[\"Deploy to Vertex AI Endpoint\\n(optional)\"]\n  E --&gt; F[Online predictions\\nApps\/Services]\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Production-style architecture diagram<\/h3>\n\n\n\n<pre><code class=\"language-mermaid\">flowchart TB\n  subgraph Dev[\"Dev Project\"]\n    D1[Vertex AI Training\/Pipelines] --&gt; S1[(Cloud Storage\\nArtifacts)]\n    D1 --&gt; M1[Vertex AI Model Registry\\nDev Models]\n  end\n\n  subgraph CICD[\"CI\/CD &amp; Governance\"]\n    G1[Cloud Build \/ GitHub Actions]\n    G2[\"Policy checks\\n(labels, vuln scans)\"]\n    AR[(Artifact Registry\\nServing Images)]\n    G1 --&gt; G2 --&gt; AR\n    G1 --&gt;|Upload model + metadata| M2\n  end\n\n  subgraph Prod[\"Prod Project (restricted)\"]\n    M2[Vertex AI Model Registry\\nProd Models]\n    E1[Vertex AI Endpoint]\n    MON[Cloud Monitoring]\n    LOG[Cloud Logging + Audit Logs]\n    VSC[\"VPC Service Controls\\n(optional)\"]\n  end\n\n  S1 --&gt;|Promote\/copy artifacts\\nor re-upload| M2\n  AR --&gt; M2\n  M2 --&gt;|Deploy| E1\n  E1 --&gt; MON\n  M2 --&gt; LOG\n  E1 --&gt; LOG\n  VSC --- M2\n  VSC --- E1\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">8. 
Prerequisites<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Account\/project requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A <strong>Google Cloud project<\/strong> with billing enabled.<\/li>\n<li>APIs enabled:<\/li>\n<li>Vertex AI API (<code>aiplatform.googleapis.com<\/code>)<\/li>\n<li>Cloud Storage (generally available)<\/li>\n<li>Artifact Registry API (if using custom containers)<\/li>\n<li>Cloud Build API (if building containers in Google Cloud)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Permissions \/ IAM roles<\/h3>\n\n\n\n<p>Minimum IAM depends on whether you only register models or also build containers and deploy:<\/p>\n\n\n\n<p>Common roles (examples):\n&#8211; For model registry operations:\n  &#8211; <code>roles\/aiplatform.user<\/code> (often sufficient for many operations) or\n  &#8211; <code>roles\/aiplatform.admin<\/code> (broad; use carefully)\n&#8211; For storage:\n  &#8211; <code>roles\/storage.admin<\/code> (broad) or scoped bucket permissions like <code>roles\/storage.objectAdmin<\/code>\n&#8211; For Artifact Registry:\n  &#8211; <code>roles\/artifactregistry.writer<\/code>\n&#8211; For Cloud Build:\n  &#8211; <code>roles\/cloudbuild.builds.editor<\/code><\/p>\n\n\n\n<p>For production, prefer least privilege and separate duties:\n&#8211; \u201cModel publisher\u201d service account can upload models.\n&#8211; \u201cDeployer\u201d service account can deploy models to endpoints.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Billing requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Vertex AI usage is billable for training, prediction, and some managed capabilities.<\/li>\n<li>Model Registry itself typically does not represent the primary cost driver, but <strong>artifact storage and deployment do<\/strong> (see Pricing section).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">CLI\/SDK\/tools needed<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Google Cloud SDK (<code>gcloud<\/code>) installed and 
authenticated:<\/li>\n<li>https:\/\/cloud.google.com\/sdk\/docs\/install<\/li>\n<li>(Optional) Python 3.9+ and pip for local model training\/container code.<\/li>\n<li>Docker (local) <strong>or<\/strong> Cloud Build for container builds.<\/li>\n<li>Access to Artifact Registry (for custom serving container images).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Region availability<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Vertex AI is region-based. Choose a region supported for Vertex AI in your geography.<\/li>\n<li>Some Vertex AI features are region-limited. <strong>Verify in official docs<\/strong> for your chosen region:<\/li>\n<li>https:\/\/cloud.google.com\/vertex-ai\/docs\/general\/locations<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Quotas\/limits<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Vertex AI has quotas for API usage and resource counts (models, endpoints, deployments).<\/li>\n<li>Always check current quotas:<\/li>\n<li>https:\/\/cloud.google.com\/vertex-ai\/quotas<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Prerequisite services<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cloud Storage bucket for model artifacts<\/li>\n<li>Artifact Registry repository for container images (for custom containers)<\/li>\n<li>Optional: BigQuery for logging\/analysis, Cloud Monitoring dashboards<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">9. Pricing \/ Cost<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Current pricing model (how costs are actually incurred)<\/h3>\n\n\n\n<p>Vertex AI Model Registry is part of Vertex AI. 
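<\/p>\n\n\n\n<p>Because billing follows what you store and run around the registry, a quick inventory of those resources is a useful first step. The sketch below assumes the <code>google-cloud-aiplatform<\/code> and <code>google-cloud-storage<\/code> packages with authenticated credentials; the project, region, and bucket name are placeholders:<\/p>\n\n\n\n<pre><code class=\"language-python\">from google.cloud import aiplatform, storage\n\naiplatform.init(project=\"my-project\", location=\"us-central1\")\n\n# Registered models (control plane; usually not the main cost driver)\nfor m in aiplatform.Model.list():\n    print(\"model:\", m.display_name, m.resource_name)\n\n# Endpoints (deployed endpoints accrue node-hours even when idle)\nfor e in aiplatform.Endpoint.list():\n    print(\"endpoint:\", e.display_name, e.resource_name)\n\n# Total size of model artifacts in Cloud Storage (billed per GB-month)\nbucket = storage.Client().bucket(\"my-model-artifacts\")\ntotal_bytes = sum(blob.size for blob in bucket.list_blobs())\nprint(f\"artifacts: {total_bytes \/ 1e9:.2f} GB\")\n<\/code><\/pre>\n\n\n\n<p>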
In most practical deployments, <strong>your costs come from adjacent resources<\/strong>, not from \u201chaving models listed\u201d in the registry.<\/p>\n\n\n\n<p>Cost dimensions to consider:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\n<p><strong>Cloud Storage (artifacts)<\/strong>\n   &#8211; Storage capacity (GB-month)\n   &#8211; Operations (PUT\/GET\/LIST)\n   &#8211; Data transfer (especially cross-region and egress)<\/p>\n<\/li>\n<li>\n<p><strong>Artifact Registry (serving container images)<\/strong>\n   &#8211; Image storage (GB-month)\n   &#8211; Data transfer when pulling images<\/p>\n<\/li>\n<li>\n<p><strong>Vertex AI operations<\/strong>\n   &#8211; Training jobs (if using Vertex training)\n   &#8211; Online prediction (endpoint node hours, autoscaling, GPU\/CPU selection)\n   &#8211; Batch prediction (compute hours)\n   &#8211; Model monitoring or other managed add-ons (if enabled)<\/p>\n<\/li>\n<li>\n<p><strong>Networking<\/strong>\n   &#8211; Egress to the internet or other clouds\n   &#8211; Cross-region data movement (artifacts, logs, predictions)<\/p>\n<\/li>\n<\/ol>\n\n\n\n<blockquote>\n<p>Pricing source of truth:\n&#8211; Vertex AI pricing: https:\/\/cloud.google.com\/vertex-ai\/pricing<br\/>\n&#8211; Google Cloud Pricing Calculator: https:\/\/cloud.google.com\/products\/calculator<br\/>\n&#8211; Cloud Storage pricing: https:\/\/cloud.google.com\/storage\/pricing<br\/>\n&#8211; Artifact Registry pricing: https:\/\/cloud.google.com\/artifact-registry\/pricing<\/p>\n<\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">Free tier<\/h3>\n\n\n\n<p>Google Cloud has free tiers for some products (not always applicable to Vertex AI usage). For Vertex AI and model hosting, free usage is limited and changes over time. 
<strong>Verify in official pricing pages<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Cost drivers (what usually makes bills go up)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Deploying endpoints and leaving them running (node-hours).<\/li>\n<li>Using GPUs for online prediction.<\/li>\n<li>Storing many large model artifacts (and duplicates across environments).<\/li>\n<li>Frequent model pulls and artifact downloads across regions.<\/li>\n<li>Logging volume (especially verbose request\/response logs).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Hidden\/indirect costs to plan for<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Keeping multiple environments (dev\/stage\/prod) with separate artifacts.<\/li>\n<li>Container image scanning\/CI steps (time and storage).<\/li>\n<li>BigQuery log sinks (storage + query costs).<\/li>\n<li>Cross-project artifact copies.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Network\/data transfer implications<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Keep artifacts and endpoints in the <strong>same region<\/strong> where possible.<\/li>\n<li>Avoid cross-region GCS bucket usage for latency and cost reasons.<\/li>\n<li>Be careful when developers download artifacts to local machines repeatedly.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">How to optimize cost<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use <strong>lifecycle rules<\/strong> in Cloud Storage for old artifacts (archive\/delete).<\/li>\n<li>Deduplicate artifacts; store only needed versions.<\/li>\n<li>Prefer CPU-only serving unless GPU is required.<\/li>\n<li>Use autoscaling and minimum replicas wisely (endpoints can be expensive if always-on).<\/li>\n<li>Keep CI builds efficient; clean up old container tags.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Example low-cost starter estimate (no fabricated prices)<\/h3>\n\n\n\n<p>A low-cost starter setup typically includes:\n&#8211; 1 Cloud Storage bucket with a few small model 
artifacts (tens to hundreds of MB)\n&#8211; 1 Artifact Registry repo with a small inference container image\n&#8211; No always-on endpoint (only registry operations)<\/p>\n\n\n\n<p>Your main costs are usually:\n&#8211; Cloud Storage storage + operations\n&#8211; Artifact Registry storage\n&#8211; Minimal API usage<\/p>\n\n\n\n<p>Use the pricing calculator to estimate based on:\n&#8211; Artifact size\n&#8211; Number of versions\n&#8211; Region<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Example production cost considerations<\/h3>\n\n\n\n<p>In production, costs are often dominated by:\n&#8211; Always-on endpoints (CPU\/GPU node hours)\n&#8211; High QPS traffic (autoscaling replicas)\n&#8211; Monitoring\/logging retention\n&#8211; Multi-region resiliency (duplicated artifacts, multi-region deployment)<\/p>\n\n\n\n<p>A cost review checklist:\n&#8211; Are endpoints right-sized and autoscaling configured?\n&#8211; Are old versions cleaned up?\n&#8211; Are artifacts stored once per lifecycle stage, not duplicated unnecessarily?\n&#8211; Are logs sampled\/redacted?<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">10. Step-by-Step Hands-On Tutorial<\/h2>\n\n\n\n<p>This lab focuses on <strong>registering a real model<\/strong> into Vertex AI Model Registry using a <strong>custom prediction container<\/strong> (so you are not dependent on prebuilt container image URIs that may change). 
The deployment step is optional to keep costs low.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Objective<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Train a small scikit-learn model locally.<\/li>\n<li>Package it into a minimal custom prediction container.<\/li>\n<li>Push the container to Artifact Registry.<\/li>\n<li>Upload\/register the model into <strong>Vertex AI Model Registry<\/strong>.<\/li>\n<li>(Optional) Create a second version.<\/li>\n<li>(Optional) Deploy to a Vertex AI Endpoint to confirm end-to-end viability.<\/li>\n<li>Clean up all resources.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Lab Overview<\/h3>\n\n\n\n<p>You will create:\n&#8211; A Cloud Storage bucket for model artifacts\n&#8211; An Artifact Registry repository for container images\n&#8211; A model artifact (<code>model.joblib<\/code>) uploaded to Cloud Storage\n&#8211; A custom serving container image pushed to Artifact Registry\n&#8211; A Vertex AI Model resource registered in Model Registry (and optionally a new version)\n&#8211; (Optional) An endpoint deployment for test prediction<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Step 1: Set environment variables and enable APIs<\/h3>\n\n\n\n<p><strong>Expected outcome<\/strong>: Your project is selected, APIs are enabled, and you have a region chosen.<\/p>\n\n\n\n<pre><code class=\"language-bash\"># Set these values\nexport PROJECT_ID=\"YOUR_PROJECT_ID\"\nexport REGION=\"us-central1\"   # choose a Vertex AI supported region\nexport REPO=\"vertex-models\"\nexport IMAGE_NAME=\"iris-sklearn-serving\"\nexport MODEL_DISPLAY_NAME=\"iris-sklearn-model\"\n\ngcloud config set project \"${PROJECT_ID}\"\ngcloud config set ai\/region \"${REGION}\"\n<\/code><\/pre>\n\n\n\n<p>Enable required APIs:<\/p>\n\n\n\n<pre><code class=\"language-bash\">gcloud services enable \\\n  aiplatform.googleapis.com \\\n  artifactregistry.googleapis.com \\\n  cloudbuild.googleapis.com\n<\/code><\/pre>\n\n\n\n<p>Verify:<\/p>\n\n\n\n<pre><code 
class=\"language-bash\">gcloud services list --enabled --filter=\"name:(aiplatform.googleapis.com artifactregistry.googleapis.com cloudbuild.googleapis.com)\"\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Step 2: Create a Cloud Storage bucket for artifacts<\/h3>\n\n\n\n<p><strong>Expected outcome<\/strong>: A bucket exists and is accessible by you.<\/p>\n\n\n\n<p>Choose a globally unique bucket name:<\/p>\n\n\n\n<pre><code class=\"language-bash\">export BUCKET=\"gs:\/\/${PROJECT_ID}-vertex-model-registry-artifacts\"\ngsutil mb -l \"${REGION}\" \"${BUCKET}\"\n<\/code><\/pre>\n\n\n\n<p>Verification:<\/p>\n\n\n\n<pre><code class=\"language-bash\">gsutil ls \"${BUCKET}\"\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Step 3: Create an Artifact Registry repository<\/h3>\n\n\n\n<p><strong>Expected outcome<\/strong>: A Docker repository exists for your serving images.<\/p>\n\n\n\n<pre><code class=\"language-bash\">gcloud artifacts repositories create \"${REPO}\" \\\n  --repository-format=docker \\\n  --location=\"${REGION}\" \\\n  --description=\"Serving images for Vertex AI Model Registry tutorial\"\n<\/code><\/pre>\n\n\n\n<p>Verify:<\/p>\n\n\n\n<pre><code class=\"language-bash\">gcloud artifacts repositories list --location=\"${REGION}\"\n<\/code><\/pre>\n\n\n\n<p>Configure Docker auth:<\/p>\n\n\n\n<pre><code class=\"language-bash\">gcloud auth configure-docker \"${REGION}-docker.pkg.dev\"\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Step 4: Train a tiny model locally and upload the artifact to Cloud Storage<\/h3>\n\n\n\n<p><strong>Expected outcome<\/strong>: You have a real model file in Cloud Storage.<\/p>\n\n\n\n<p>Create a working directory:<\/p>\n\n\n\n<pre><code class=\"language-bash\">mkdir -p vertex-model-registry-lab\ncd vertex-model-registry-lab\npython3 -m venv .venv\nsource .venv\/bin\/activate\npip install --upgrade pip\npip install scikit-learn joblib numpy\n<\/code><\/pre>\n\n\n\n<p>Create 
<code>train.py<\/code>:<\/p>\n\n\n\n<pre><code class=\"language-python\">from sklearn.datasets import load_iris\nfrom sklearn.model_selection import train_test_split\nfrom sklearn.linear_model import LogisticRegression\nimport joblib\nimport os\n\niris = load_iris()\nX_train, X_test, y_train, y_test = train_test_split(\n    iris.data, iris.target, test_size=0.2, random_state=42\n)\n\nmodel = LogisticRegression(max_iter=200)\nmodel.fit(X_train, y_train)\n\nos.makedirs(\"model_artifact\", exist_ok=True)\njoblib.dump(model, \"model_artifact\/model.joblib\")\n\nprint(\"Saved model to model_artifact\/model.joblib\")\nprint(\"Test accuracy:\", model.score(X_test, y_test))\n<\/code><\/pre>\n\n\n\n<p>Run it:<\/p>\n\n\n\n<pre><code class=\"language-bash\">python train.py\nls -lh model_artifact\/\n<\/code><\/pre>\n\n\n\n<p>Upload artifacts to Cloud Storage:<\/p>\n\n\n\n<pre><code class=\"language-bash\">gsutil -m cp -r model_artifact \"${BUCKET}\/iris\/v1\/\"\n<\/code><\/pre>\n\n\n\n<p>Verification:<\/p>\n\n\n\n<pre><code class=\"language-bash\">gsutil ls -r \"${BUCKET}\/iris\/v1\/\"\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Step 5: Build a custom prediction container (Vertex AI-compatible)<\/h3>\n\n\n\n<p><strong>Expected outcome<\/strong>: A container image is built and pushed to Artifact Registry.<\/p>\n\n\n\n<p>Create <code>app.py<\/code>:<\/p>\n\n\n\n<pre><code class=\"language-python\">import os\nimport joblib\nfrom flask import Flask, request, jsonify\n\nARTIFACT_DIR = os.environ.get(\"ARTIFACT_DIR\", \"\/model\")\nMODEL_PATH = os.path.join(ARTIFACT_DIR, \"model.joblib\")\n\napp = Flask(__name__)\nmodel = joblib.load(MODEL_PATH)\n\n@app.get(\"\/health\")\ndef health():\n    return \"ok\", 200\n\n@app.post(\"\/predict\")\ndef predict():\n    payload = request.get_json(force=True)\n    instances = payload.get(\"instances\", [])\n    if not isinstance(instances, list) or len(instances) == 0:\n        return jsonify({\"error\": \"instances must be a non-empty 
list\"}), 400\n\n    preds = model.predict(instances)\n    return jsonify({\"predictions\": preds.tolist()})\n<\/code><\/pre>\n\n\n\n<p>Create <code>requirements.txt<\/code>:<\/p>\n\n\n\n<pre><code class=\"language-text\">flask==3.0.3\ngunicorn==22.0.0\njoblib==1.4.2\nscikit-learn==1.5.1\nnumpy==2.0.1\n<\/code><\/pre>\n\n\n\n<blockquote>\n<p>Version note: If these exact versions conflict with your environment, adjust. The concept remains the same.<\/p>\n<\/blockquote>\n\n\n\n<p>Create <code>Dockerfile<\/code>:<\/p>\n\n\n\n<pre><code class=\"language-dockerfile\">FROM python:3.11-slim\n\n# Basic hardening defaults\nENV PYTHONDONTWRITEBYTECODE=1 \\\n    PYTHONUNBUFFERED=1\n\nWORKDIR \/app\n\nCOPY requirements.txt .\nRUN pip install --no-cache-dir -r requirements.txt\n\nCOPY app.py .\n\n# Vertex AI custom container uses an HTTP server (commonly on 8080).\n# Vertex sets AIP_HTTP_PORT in some contexts; we'll default to 8080.\nENV PORT=8080\nEXPOSE 8080\n\n# The app loads the model from ARTIFACT_DIR (default \/model). Verify in the official\n# docs how Vertex AI exposes artifacts to custom containers (commonly via AIP_STORAGE_URI).\nENV ARTIFACT_DIR=\/model\n\nCMD [\"sh\", \"-c\", \"gunicorn -b 0.0.0.0:${PORT} app:app\"]\n<\/code><\/pre>\n\n\n\n<p>Build and push with Cloud Build (recommended to avoid local Docker setup differences):<\/p>\n\n\n\n<pre><code class=\"language-bash\">export IMAGE_URI=\"${REGION}-docker.pkg.dev\/${PROJECT_ID}\/${REPO}\/${IMAGE_NAME}:v1\"\n\ngcloud builds submit --tag \"${IMAGE_URI}\" .\n<\/code><\/pre>\n\n\n\n<p>Verify the image exists:<\/p>\n\n\n\n<pre><code class=\"language-bash\">gcloud artifacts docker images list \"${REGION}-docker.pkg.dev\/${PROJECT_ID}\/${REPO}\"\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Step 6: Upload\/register the model in Vertex AI Model Registry<\/h3>\n\n\n\n<p><strong>Expected outcome<\/strong>: A Vertex AI Model resource appears in the Model Registry, pointing to your artifacts and serving image.<\/p>\n\n\n\n<p>Upload the model:<\/p>\n\n\n\n<pre><code class=\"language-bash\">gcloud ai models 
upload \\\n  --region=\"${REGION}\" \\\n  --display-name=\"${MODEL_DISPLAY_NAME}\" \\\n  --artifact-uri=\"${BUCKET}\/iris\/v1\/model_artifact\" \\\n  --container-image-uri=\"${IMAGE_URI}\" \\\n  --container-predict-route=\"\/predict\" \\\n  --container-health-route=\"\/health\" \\\n  --labels=\"env=dev,team=lab,model=iris\"\n<\/code><\/pre>\n\n\n\n<p>Notes:\n&#8211; <code>--artifact-uri<\/code> should point to the directory containing <code>model.joblib<\/code>.\n&#8211; The container must be able to load the artifact at serving time. This tutorial\u2019s app reads from <code>\/model<\/code>; Vertex AI exposes the artifact location to custom containers through environment variables (commonly <code>AIP_STORAGE_URI<\/code>, a Cloud Storage URI), so <strong>verify the current custom-container contract in the official docs<\/strong> and add a download step if artifacts are not available on the local filesystem.<\/p>\n\n\n\n<p>Capture the created model ID:<\/p>\n\n\n\n<pre><code class=\"language-bash\">gcloud ai models list --region=\"${REGION}\" --filter=\"displayName=${MODEL_DISPLAY_NAME}\" --format=\"table(name,displayName,createTime)\"\n<\/code><\/pre>\n\n\n\n<p>Describe the model:<\/p>\n\n\n\n<pre><code class=\"language-bash\">export MODEL_ID=\"$(gcloud ai models list --region=\"${REGION}\" --filter=\"displayName=${MODEL_DISPLAY_NAME}\" --format=\"value(name)\" | tail -n 1 | awk -F\/ '{print $NF}')\"\necho \"MODEL_ID=${MODEL_ID}\"\n\ngcloud ai models describe \"${MODEL_ID}\" --region=\"${REGION}\"\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Step 7 (Optional): Upload a second version (or a \u201cv2\u201d model)<\/h3>\n\n\n\n<p>There are two common approaches in real organizations:<\/p>\n\n\n\n<p><strong>A) Model versions under a single model identity<\/strong><br\/>\nIf your workflow and API support creating a new version under a parent model, you can upload again referencing the parent model. 
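<\/p>\n\n\n\n<p>A hedged sketch of approach A, assuming your <code>gcloud<\/code> release supports the <code>--parent-model<\/code> flag (an assumption\u2014check <code>gcloud ai models upload --help<\/code> before relying on it):<\/p>\n\n\n\n<pre><code class=\"language-bash\"># Registers a new version under the existing model identity (flag availability varies)\ngcloud ai models upload \\\n  --region=\"${REGION}\" \\\n  --display-name=\"${MODEL_DISPLAY_NAME}\" \\\n  --parent-model=\"projects\/${PROJECT_ID}\/locations\/${REGION}\/models\/${MODEL_ID}\" \\\n  --artifact-uri=\"${BUCKET}\/iris\/v2\/model_artifact\" \\\n  --container-image-uri=\"${IMAGE_URI}\" \\\n  --container-predict-route=\"\/predict\" \\\n  --container-health-route=\"\/health\"\n<\/code><\/pre>\n\n\n\n<p>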
The exact CLI flag can vary by <code>gcloud<\/code> version and feature availability\u2014run <code>gcloud ai models upload --help<\/code> and <strong>verify in official docs<\/strong>.<\/p>\n\n\n\n<p><strong>B) Separate model resources with strict naming and labels<\/strong><br\/>\nMany teams simply register a new model resource (for example, <code>iris-sklearn-model-v2<\/code>) and treat the display name + labels as the versioning mechanism.<\/p>\n\n\n\n<p>Below demonstrates a simple \u201cv2\u201d artifact + re-upload as a separate model resource (most universally applicable).<\/p>\n\n\n\n<p><strong>Expected outcome<\/strong>: A second registered model exists that represents a newer iteration.<\/p>\n\n\n\n<p>Create a slightly different model (change random seed or hyperparameter). Edit <code>train.py<\/code> to change <code>random_state<\/code> or <code>max_iter<\/code>, re-run, and upload to a new artifact path:<\/p>\n\n\n\n<pre><code class=\"language-bash\">python train.py\ngsutil -m cp -r model_artifact \"${BUCKET}\/iris\/v2\/\"\n<\/code><\/pre>\n\n\n\n<p>Upload a new model resource:<\/p>\n\n\n\n<pre><code class=\"language-bash\">gcloud ai models upload \\\n  --region=\"${REGION}\" \\\n  --display-name=\"${MODEL_DISPLAY_NAME}-v2\" \\\n  --artifact-uri=\"${BUCKET}\/iris\/v2\/model_artifact\" \\\n  --container-image-uri=\"${IMAGE_URI}\" \\\n  --container-predict-route=\"\/predict\" \\\n  --container-health-route=\"\/health\" \\\n  --labels=\"env=dev,team=lab,model=iris,version=v2\"\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Step 8 (Optional): Deploy to an endpoint and test a prediction<\/h3>\n\n\n\n<p>This step incurs additional cost if left running. 
Keep it short and clean up.<\/p>\n\n\n\n<p><strong>Expected outcome<\/strong>: Endpoint is created, model is deployed, you can request a prediction.<\/p>\n\n\n\n<p>Create an endpoint:<\/p>\n\n\n\n<pre><code class=\"language-bash\">export ENDPOINT_DISPLAY_NAME=\"iris-endpoint\"\ngcloud ai endpoints create \\\n  --region=\"${REGION}\" \\\n  --display-name=\"${ENDPOINT_DISPLAY_NAME}\"\n<\/code><\/pre>\n\n\n\n<p>Get endpoint ID:<\/p>\n\n\n\n<pre><code class=\"language-bash\">export ENDPOINT_ID=\"$(gcloud ai endpoints list --region=\"${REGION}\" --filter=\"displayName=${ENDPOINT_DISPLAY_NAME}\" --format=\"value(name)\" | awk -F\/ '{print $NF}')\"\necho \"ENDPOINT_ID=${ENDPOINT_ID}\"\n<\/code><\/pre>\n\n\n\n<p>Deploy the model:<\/p>\n\n\n\n<pre><code class=\"language-bash\">gcloud ai endpoints deploy-model \"${ENDPOINT_ID}\" \\\n  --region=\"${REGION}\" \\\n  --model=\"${MODEL_ID}\" \\\n  --display-name=\"iris-deployment\" \\\n  --machine-type=\"n1-standard-2\" \\\n  --min-replica-count=1 \\\n  --max-replica-count=1 \\\n  --traffic-split=0=100\n<\/code><\/pre>\n\n\n\n<p>Create <code>request.json<\/code>:<\/p>\n\n\n\n<pre><code class=\"language-json\">{\n  \"instances\": [\n    [5.1, 3.5, 1.4, 0.2],\n    [6.2, 3.4, 5.4, 2.3]\n  ]\n}\n<\/code><\/pre>\n\n\n\n<p>Send prediction:<\/p>\n\n\n\n<pre><code class=\"language-bash\">gcloud ai endpoints predict \"${ENDPOINT_ID}\" \\\n  --region=\"${REGION}\" \\\n  --json-request=\"request.json\"\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Validation<\/h3>\n\n\n\n<p>Use this checklist to confirm success:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Models appear in the registry:\n  <code>gcloud ai models list --region=\"${REGION}\"<\/code><\/li>\n<li>Model points to your artifact URI and container settings:\n  <code>gcloud ai models describe \"${MODEL_ID}\" --region=\"${REGION}\"<\/code><\/li>\n<li>(If deployed) Endpoint shows a deployed model:\n  <code>gcloud ai endpoints describe \"${ENDPOINT_ID}\" --region=\"${REGION}\"<\/code><\/li>\n<li>(If deployed) Prediction returns class IDs (0\/1\/2 for Iris):\n  <code>gcloud ai endpoints predict \"${ENDPOINT_ID}\" --region=\"${REGION}\" --json-request=\"request.json\"<\/code><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Troubleshooting<\/h3>\n\n\n\n<p>Common issues and fixes:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\n<p><strong>Permission denied to Cloud Storage<\/strong>\n   &#8211; Symptom: upload\/deploy fails with GCS permission errors.\n   &#8211; Fix: ensure your user\/service account has access to the bucket (<code>storage.objectAdmin<\/code> at least).<\/p>\n<\/li>\n<li>\n<p><strong>Container fails health check<\/strong>\n   &#8211; Symptom: deployment fails or endpoint reports unhealthy.\n   &#8211; Fix: confirm your container listens on port 8080 and responds to <code>GET \/health<\/code> with 200.\n   &#8211; Check Cloud Logging for container logs (endpoint deployment logs).<\/p>\n<\/li>\n<li>\n<p><strong>Predict route mismatch<\/strong>\n   &#8211; Symptom: 404 on <code>\/predict<\/code>.\n   &#8211; Fix: ensure <code>--container-predict-route=\"\/predict\"<\/code> matches your app route.<\/p>\n<\/li>\n<li>\n<p><strong>Model file not found<\/strong>\n   &#8211; Symptom: container logs show missing <code>\/model\/model.joblib<\/code>.\n   &#8211; Fix: confirm artifact URI points to a directory containing <code>model.joblib<\/code> and your app loads from <code>\/model\/model.joblib<\/code>.<\/p>\n<\/li>\n<li>\n<p><strong>gcloud flag differences<\/strong>\n   &#8211; Symptom: a flag is unrecognized.\n   &#8211; Fix: update gcloud (<code>gcloud components update<\/code>) and consult:<\/p>\n<ul>\n<li><code>gcloud ai models upload --help<\/code><\/li>\n<li>Official CLI docs: https:\/\/cloud.google.com\/sdk\/gcloud\/reference\/ai\/models\/upload<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\">Cleanup<\/h3>\n\n\n\n<p>To avoid ongoing cost, delete 
resources you created.<\/p>\n\n\n\n<p>If you deployed an endpoint, undeploy and delete it:<\/p>\n\n\n\n<pre><code class=\"language-bash\"># List deployed models to get DEPLOYED_MODEL_ID\ngcloud ai endpoints describe \"${ENDPOINT_ID}\" --region=\"${REGION}\" --format=\"json\"\n\n# If needed, undeploy using the deployedModelId (from the endpoint describe output)\n# gcloud ai endpoints undeploy-model \"${ENDPOINT_ID}\" --region=\"${REGION}\" --deployed-model-id=\"DEPLOYED_MODEL_ID\"\n\ngcloud ai endpoints delete \"${ENDPOINT_ID}\" --region=\"${REGION}\" --quiet\n<\/code><\/pre>\n\n\n\n<p>Delete models (repeat for v2 if created):<\/p>\n\n\n\n<pre><code class=\"language-bash\">gcloud ai models delete \"${MODEL_ID}\" --region=\"${REGION}\" --quiet\n\n# If you created a v2 model, find its ID and delete it too\ngcloud ai models list --region=\"${REGION}\" --filter=\"displayName=${MODEL_DISPLAY_NAME}-v2\" --format=\"value(name)\" \\\n  | awk -F\/ '{print $NF}' \\\n  | xargs -I{} gcloud ai models delete {} --region=\"${REGION}\" --quiet\n<\/code><\/pre>\n\n\n\n<p>Delete Artifact Registry image (optional) and repository:<\/p>\n\n\n\n<pre><code class=\"language-bash\"># Delete repo (deletes images inside)\ngcloud artifacts repositories delete \"${REPO}\" --location=\"${REGION}\" --quiet\n<\/code><\/pre>\n\n\n\n<p>Delete Cloud Storage bucket:<\/p>\n\n\n\n<pre><code class=\"language-bash\">gsutil -m rm -r \"${BUCKET}\"\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">11. 
Best Practices<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Architecture best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Choose a clear environment model<\/strong>:<\/li>\n<li>Separate projects for dev\/stage\/prod, or<\/li>\n<li>One project with strict labels and IAM boundaries (harder to govern at scale).<\/li>\n<li><strong>Keep region alignment<\/strong>: registry region, artifact bucket location, and endpoint location should match whenever possible.<\/li>\n<li><strong>Treat registry as the \u201csource of truth\u201d<\/strong>: deployments should reference registered models, not raw bucket paths.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">IAM\/security best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use <strong>dedicated service accounts<\/strong> for:<\/li>\n<li>model upload\/publish<\/li>\n<li>deployment<\/li>\n<li>pipeline execution<\/li>\n<li>Avoid broad roles (Project Editor\/Owner) for day-to-day operations.<\/li>\n<li>Use least privilege and add permissions only when required.<\/li>\n<li>Restrict who can <strong>update\/delete<\/strong> models in production projects.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Cost best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use Cloud Storage lifecycle policies to expire or archive old model artifacts.<\/li>\n<li>Regularly review:<\/li>\n<li>old model versions<\/li>\n<li>unused endpoints\/deployments<\/li>\n<li>stale container image tags<\/li>\n<li>Avoid duplicating large artifacts across many paths without purpose.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Performance best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Keep artifacts small and optimized (compress if appropriate; remove training-only files).<\/li>\n<li>For online prediction, choose machine types based on latency\/QPS testing.<\/li>\n<li>Use autoscaling properly; avoid setting min replicas too high.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Reliability best 
practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Maintain rollback readiness:<\/li>\n<li>keep the last known good model version registered and accessible<\/li>\n<li>script rollback deployment steps<\/li>\n<li>Store metadata needed for repeatability:<\/li>\n<li>training code revision<\/li>\n<li>dataset version<\/li>\n<li>evaluation metrics location<\/li>\n<li>Use canary releases (traffic split) at endpoint level when rolling out new models.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operations best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Standardize naming:<\/li>\n<li><code>team-usecase-modelname<\/code><\/li>\n<li>labels: <code>owner<\/code>, <code>env<\/code>, <code>cost_center<\/code>, <code>risk_tier<\/code>, <code>data_class<\/code><\/li>\n<li>Export Audit Logs to centralized logging\/analytics for compliance.<\/li>\n<li>Use dashboards\/alerts for endpoints (if serving).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Governance\/tagging\/naming best practices<\/h3>\n\n\n\n<p>A pragmatic labeling standard:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Label key<\/th>\n<th>Example<\/th>\n<th>Why it matters<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><code>owner<\/code><\/td>\n<td><code>fraud-ml<\/code><\/td>\n<td>Accountability<\/td>\n<\/tr>\n<tr>\n<td><code>env<\/code><\/td>\n<td><code>dev<\/code> \/ <code>prod<\/code><\/td>\n<td>Prevents mistakes<\/td>\n<\/tr>\n<tr>\n<td><code>version<\/code><\/td>\n<td><code>v2026_04_01<\/code><\/td>\n<td>Traceability<\/td>\n<\/tr>\n<tr>\n<td><code>cost_center<\/code><\/td>\n<td><code>cc-1420<\/code><\/td>\n<td>Chargeback\/showback<\/td>\n<\/tr>\n<tr>\n<td><code>data_class<\/code><\/td>\n<td><code>internal<\/code><\/td>\n<td>Compliance routing<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">12. 
Security Considerations<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Identity and access model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Vertex AI uses <strong>Google Cloud IAM<\/strong>.<\/li>\n<li>Use:<\/li>\n<li>user identities for interactive development<\/li>\n<li>service accounts for automation and pipelines<\/li>\n<li>Consider separation of duties:<\/li>\n<li>data scientists can register models in dev<\/li>\n<li>release engineering promotes\/replicates to prod<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Encryption<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Data in Google Cloud is encrypted at rest by default.<\/li>\n<li>For regulated environments:<\/li>\n<li>Consider CMEK (Customer-Managed Encryption Keys) where supported by the relevant storage\/service.<\/li>\n<li>Artifacts in Cloud Storage can use CMEK; verify Vertex AI support constraints in your region and workflow.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Network exposure<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Registry operations are API calls.<\/li>\n<li>If you deploy models:<\/li>\n<li>Decide whether endpoints are public or private (private options depend on Vertex AI features\u2014verify current docs).<\/li>\n<li>Use <strong>VPC Service Controls<\/strong> to reduce data exfiltration risk in high-security environments.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Secrets handling<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Do not bake secrets into containers.<\/li>\n<li>Use Secret Manager for secrets and inject at runtime only when needed (for example, external API calls from inference\u2014often best avoided).<\/li>\n<li>Prefer service-to-service auth using IAM rather than static keys.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Audit\/logging<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Enable and retain <strong>Cloud Audit Logs<\/strong> for Vertex AI Admin Activity.<\/li>\n<li>Export logs to BigQuery or a SIEM for long retention and 
analytics.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Compliance considerations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Model artifacts may contain sensitive information (for example, memorized examples, proprietary features).<\/li>\n<li>Treat models as sensitive assets:<\/li>\n<li>restrict downloads<\/li>\n<li>log access<\/li>\n<li>enforce retention policies<\/li>\n<li>If subject to HIPAA\/PCI\/SOC2\/ISO, coordinate with compliance teams and verify Google Cloud compliance offerings:<\/li>\n<li>https:\/\/cloud.google.com\/security\/compliance<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Common security mistakes<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Using Project Owner for automation pipelines.<\/li>\n<li>Allowing broad public access to artifact buckets.<\/li>\n<li>Allowing developers to deploy directly to prod endpoints without review.<\/li>\n<li>Logging full prediction payloads that contain PII.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Secure deployment recommendations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Separate projects for prod and non-prod.<\/li>\n<li>Enforce \u201cmodel publish\u201d via CI\/CD with required checks:<\/li>\n<li>container vulnerability scanning<\/li>\n<li>required labels<\/li>\n<li>artifact integrity checks (hashing)<\/li>\n<li>Use VPC Service Controls and Private Google Access where appropriate.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">13. Limitations and Gotchas<\/h2>\n\n\n\n<blockquote>\n<p>Limits and behavior change over time. 
Always confirm current constraints in official docs and quotas pages.<\/p>\n<\/blockquote>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Region scoping<\/strong>: Vertex AI models are created in a specific region; cross-region usage can be awkward.<\/li>\n<li><strong>Artifact locality<\/strong>: placing artifacts in a different region than the model\/endpoint can cause latency and cost.<\/li>\n<li><strong>No automatic governance<\/strong>: Model Registry helps organize models, but you still need to implement promotion\/approval workflows.<\/li>\n<li><strong>Versioning semantics<\/strong>: \u201cModel versions\u201d and \u201caliases\u201d may have specific API\/CLI requirements; verify your chosen approach.<\/li>\n<li><strong>Deletion impact<\/strong>: deleting a model resource may break dependent deployments or automation referencing it.<\/li>\n<li><strong>IAM complexity<\/strong>: least-privilege permissions can be non-trivial; test with service accounts early.<\/li>\n<li><strong>Endpoint costs<\/strong>: deploying for validation can be expensive if left running.<\/li>\n<li><strong>Container contract<\/strong>: custom containers must implement expected routes and port behavior; mismatches cause deployment failures.<\/li>\n<li><strong>Quotas<\/strong>: models\/endpoints\/deployments and API rate limits can block CI\/CD bursts\u2014check quotas early.<\/li>\n<li><strong>Supply chain<\/strong>: container vulnerabilities or unpinned base images can violate security policies; pin and scan images.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">14. 
Comparison with Alternatives<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Nearest services in Google Cloud<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Vertex AI Endpoints<\/strong>: serving layer, not a registry.<\/li>\n<li><strong>Vertex AI Pipelines<\/strong>: workflow automation and lineage capture; Model Registry is the catalog of the resulting model assets.<\/li>\n<li><strong>Artifact Registry<\/strong>: container\/image storage; not a model catalog with ML metadata.<\/li>\n<li><strong>Cloud Storage<\/strong>: raw artifact storage; lacks model identity, governance, and deployment integration.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Nearest services in other clouds<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>AWS SageMaker Model Registry<\/strong><\/li>\n<li><strong>Azure Machine Learning Registry \/ Model Management<\/strong><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Open-source\/self-managed alternatives<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>MLflow Model Registry<\/strong><\/li>\n<li><strong>Kubeflow + metadata components<\/strong><\/li>\n<li>Self-built registry using databases + object storage (high maintenance)<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Comparison table<\/h4>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Option<\/th>\n<th>Best For<\/th>\n<th>Strengths<\/th>\n<th>Weaknesses<\/th>\n<th>When to Choose<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Vertex AI Model Registry (Google Cloud)<\/td>\n<td>Teams already using Vertex AI for training\/serving<\/td>\n<td>Integrated with Vertex AI, IAM, endpoints, pipelines; managed<\/td>\n<td>Region scoping; governance workflows still need implementation<\/td>\n<td>You want managed model catalog + easy deployment to Vertex endpoints<\/td>\n<\/tr>\n<tr>\n<td>Cloud Storage + naming conventions<\/td>\n<td>Small teams, early stage<\/td>\n<td>Simple, cheap, flexible<\/td>\n<td>No discoverability, weak governance, easy to 
make mistakes<\/td>\n<td>Prototyping only or very small model counts<\/td>\n<\/tr>\n<tr>\n<td>Artifact Registry only<\/td>\n<td>Container-only workflows<\/td>\n<td>Great for container lifecycle and scanning<\/td>\n<td>Not a model registry; doesn\u2019t capture model artifact metadata<\/td>\n<td>If your \u201cmodel\u201d is entirely a container and you handle metadata elsewhere<\/td>\n<\/tr>\n<tr>\n<td>AWS SageMaker Model Registry<\/td>\n<td>AWS-centric MLOps<\/td>\n<td>Strong SageMaker integration<\/td>\n<td>Cross-cloud overhead; different IAM model<\/td>\n<td>Your platform is on AWS<\/td>\n<\/tr>\n<tr>\n<td>Azure ML Registry<\/td>\n<td>Azure-centric MLOps<\/td>\n<td>Integrated with Azure ML<\/td>\n<td>Cross-cloud overhead; different patterns<\/td>\n<td>Your platform is on Azure<\/td>\n<\/tr>\n<tr>\n<td>MLflow Model Registry (self-managed)<\/td>\n<td>Hybrid\/on-prem\/multi-cloud<\/td>\n<td>Portable, ecosystem support<\/td>\n<td>You operate it; security\/scaling burden<\/td>\n<td>You need portability or custom governance beyond managed services<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">15. Real-World Example<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Enterprise example (regulated industry)<\/h3>\n\n\n\n<p><strong>Problem<\/strong><br\/>\nA financial services company runs dozens of credit risk and fraud models. 
Multiple teams deploy models, and audits require clear evidence of what model was used for decisions.<\/p>\n\n\n\n<p><strong>Proposed architecture<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Vertex AI Pipelines train models and output artifacts to Cloud Storage (CMEK-enabled).<\/li>\n<li>A controlled CI\/CD step registers models into <strong>Vertex AI Model Registry<\/strong> with mandatory labels: <code>owner<\/code>, <code>risk_tier<\/code>, <code>env<\/code>, <code>data_class<\/code>, <code>approval_ticket<\/code>.<\/li>\n<li>Only release engineering service accounts can register models in the prod project.<\/li>\n<li>Vertex AI Endpoints serve approved models; Cloud Monitoring alerts on latency\/error rate.<\/li>\n<li>Cloud Audit Logs exported to BigQuery with long retention.<\/li>\n<\/ul>\n\n\n\n<p><strong>Why Vertex AI Model Registry was chosen<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Native integration with Vertex AI deployment.<\/li>\n<li>IAM and auditability in Google Cloud.<\/li>\n<li>Provides a consistent model inventory for governance.<\/li>\n<\/ul>\n\n\n\n<p><strong>Expected outcomes<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Faster, safer rollouts with clear rollback options.<\/li>\n<li>Auditable trail of model lifecycle events.<\/li>\n<li>Reduced risk of unauthorized production changes.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Startup\/small-team example (lean MLOps)<\/h3>\n\n\n\n<p><strong>Problem<\/strong><br\/>\nA SaaS startup deploys one main churn model but iterates weekly. 
They struggle to know which model is running and to reproduce results after changes.<\/p>\n\n\n\n<p><strong>Proposed architecture<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Train the model in a GitHub Actions workflow or Cloud Build.<\/li>\n<li>Store artifacts in a single Cloud Storage bucket with structured prefixes.<\/li>\n<li>Register every successful build in <strong>Vertex AI Model Registry<\/strong> with labels for the Git SHA and dataset snapshot ID.<\/li>\n<li>Deploy only for short validation windows; production deployments happen during releases.<\/li>\n<\/ul>\n\n\n\n<p><strong>Why Vertex AI Model Registry was chosen<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Minimal operational overhead versus self-hosting MLflow.<\/li>\n<li>Clear separation of artifacts vs \u201cregistered model identity.\u201d<\/li>\n<li>Fits naturally with Google Cloud IAM and tooling.<\/li>\n<\/ul>\n\n\n\n<p><strong>Expected outcomes<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Fewer deployment mistakes.<\/li>\n<li>Faster debugging when churn predictions regress.<\/li>\n<li>A scalable path as the team grows.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">16. FAQ<\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\n<p><strong>Is Vertex AI Model Registry a separate product from Vertex AI?<\/strong><br\/>\n   No. Vertex AI Model Registry is a capability within Vertex AI for managing registered models (Model resources).<\/p>\n<\/li>\n<li>\n<p><strong>Do I pay specifically for \u201cModel Registry\u201d?<\/strong><br\/>\n   Costs are usually driven by Cloud Storage (artifacts), Artifact Registry (images), and Vertex AI compute (training\/serving). Check the official Vertex AI pricing page for any SKU changes: https:\/\/cloud.google.com\/vertex-ai\/pricing<\/p>\n<\/li>\n<li>\n<p><strong>Is Model Registry global or regional?<\/strong><br\/>\n   Vertex AI model resources are typically regional within a project. 
Create and manage models in a specific location (for example, <code>us-central1<\/code>).<\/p>\n<\/li>\n<li>\n<p><strong>Can I use Model Registry without deploying models?<\/strong><br\/>\n   Yes. You can register models for cataloging and governance without deploying to endpoints.<\/p>\n<\/li>\n<li>\n<p><strong>What artifact formats can I register?<\/strong><br\/>\n   It depends on how you plan to serve the model. Common approaches:<\/p>\n<ul class=\"wp-block-list\">\n<li>Prebuilt serving containers (framework-specific requirements)<\/li>\n<li>Custom prediction containers (you define how artifacts are loaded and served)<\/li>\n<\/ul>\n<\/li>\n<li>\n<p><strong>Does Model Registry automatically track training code and dataset lineage?<\/strong><br\/>\n   Not automatically. You typically capture lineage via Vertex AI Pipelines\/metadata or by attaching metadata\/labels that point to code and data versions.<\/p>\n<\/li>\n<li>\n<p><strong>How do I enforce approvals (dev \u2192 prod) with Model Registry?<\/strong><br\/>\n   Use IAM + CI\/CD policy checks + separate projects. Model Registry helps organize, but approvals are usually implemented in your release workflow (verify current native capabilities).<\/p>\n<\/li>\n<li>\n<p><strong>Can multiple teams share a single registry?<\/strong><br\/>\n   Yes, within a project\/region, controlled by IAM. Many orgs use a shared project for registry or separate projects per environment.<\/p>\n<\/li>\n<li>\n<p><strong>How do I prevent accidental deletion of production models?<\/strong><br\/>\n   Restrict delete permissions, use separate prod projects, and use organization policy controls. Consider backup strategies for artifacts.<\/p>\n<\/li>\n<li>\n<p><strong>Can I attach evaluation metrics to a model in Model Registry?<\/strong><br\/>\n   Vertex AI supports model evaluations in some workflows; integration depends on the training\/pipeline approach. 
Verify current evaluation features in docs.<\/p>\n<\/li>\n<li>\n<p><strong>Can I move a model between regions?<\/strong><br\/>\n   There isn\u2019t a simple \u201cmove\u201d; common approaches include re-uploading in the target region and ensuring artifacts are accessible there. Verify current cross-region patterns.<\/p>\n<\/li>\n<li>\n<p><strong>What\u2019s the difference between Cloud Storage and Model Registry?<\/strong><br\/>\n   Cloud Storage stores files; Model Registry stores a managed model identity and metadata, with pointers to artifacts and optional serving configuration.<\/p>\n<\/li>\n<li>\n<p><strong>Do I need Artifact Registry?<\/strong><br\/>\n   Only if you use custom serving containers (or store your own images). If using prebuilt serving containers, you may not need your own repo, but many orgs still use it for standardized images.<\/p>\n<\/li>\n<li>\n<p><strong>How do I name models and versions?<\/strong><br\/>\n   Use consistent display names and labels. Common patterns include <code>team-usecase-model<\/code> plus labels like <code>version<\/code>, <code>git_sha<\/code>, and <code>env<\/code>.<\/p>\n<\/li>\n<li>\n<p><strong>What is the safest beginner workflow?<\/strong><br\/>\n   Start by registering models with clear labels and descriptions, store artifacts in a regional bucket, and avoid always-on endpoints until you understand costs and operations.<\/p>\n<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">17. 
Top Online Resources to Learn Vertex AI Model Registry<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Resource Type<\/th>\n<th>Name<\/th>\n<th>Why It Is Useful<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Official documentation<\/td>\n<td>Vertex AI Model Registry docs: https:\/\/cloud.google.com\/vertex-ai\/docs\/model-registry<\/td>\n<td>Primary, up-to-date reference for concepts and workflows<\/td>\n<\/tr>\n<tr>\n<td>Official API docs<\/td>\n<td>Vertex AI Models API (Model resource): https:\/\/cloud.google.com\/vertex-ai\/docs\/reference\/rest<\/td>\n<td>Authoritative API fields for upload\/describe\/list<\/td>\n<\/tr>\n<tr>\n<td>Official CLI docs<\/td>\n<td><code>gcloud ai models upload<\/code>: https:\/\/cloud.google.com\/sdk\/gcloud\/reference\/ai\/models\/upload<\/td>\n<td>Practical automation reference for CI\/CD<\/td>\n<\/tr>\n<tr>\n<td>Official pricing<\/td>\n<td>Vertex AI pricing: https:\/\/cloud.google.com\/vertex-ai\/pricing<\/td>\n<td>Cost model and billable dimensions<\/td>\n<\/tr>\n<tr>\n<td>Pricing calculator<\/td>\n<td>Google Cloud Pricing Calculator: https:\/\/cloud.google.com\/products\/calculator<\/td>\n<td>Build estimates for storage\/serving<\/td>\n<\/tr>\n<tr>\n<td>Official quotas<\/td>\n<td>Vertex AI quotas: https:\/\/cloud.google.com\/vertex-ai\/quotas<\/td>\n<td>Prevent pipeline failures due to limits<\/td>\n<\/tr>\n<tr>\n<td>Official locations<\/td>\n<td>Vertex AI locations: https:\/\/cloud.google.com\/vertex-ai\/docs\/general\/locations<\/td>\n<td>Choose correct regions and understand availability<\/td>\n<\/tr>\n<tr>\n<td>Official architecture<\/td>\n<td>Google Cloud Architecture Center: https:\/\/cloud.google.com\/architecture<\/td>\n<td>Broader MLOps patterns and best practices<\/td>\n<\/tr>\n<tr>\n<td>Official samples<\/td>\n<td>Vertex AI samples (GoogleCloudPlatform GitHub): https:\/\/github.com\/GoogleCloudPlatform\/vertex-ai-samples<\/td>\n<td>Practical code examples that often include model 
upload\/deploy<\/td>\n<\/tr>\n<tr>\n<td>Official security<\/td>\n<td>Google Cloud compliance: https:\/\/cloud.google.com\/security\/compliance<\/td>\n<td>Security\/compliance planning for regulated workloads<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">18. Training and Certification Providers<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Institute<\/th>\n<th>Suitable Audience<\/th>\n<th>Likely Learning Focus<\/th>\n<th>Mode<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>DevOpsSchool.com<\/td>\n<td>DevOps engineers, platform teams, cloud engineers<\/td>\n<td>DevOps\/MLOps practices, CI\/CD, cloud operations<\/td>\n<td>Check website<\/td>\n<td>https:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>ScmGalaxy.com<\/td>\n<td>Beginners to intermediate engineers<\/td>\n<td>SCM\/DevOps foundations and tooling<\/td>\n<td>Check website<\/td>\n<td>https:\/\/www.scmgalaxy.com\/<\/td>\n<\/tr>\n<tr>\n<td>CloudOpsNow.in<\/td>\n<td>Cloud operations teams<\/td>\n<td>Cloud ops, reliability, automation<\/td>\n<td>Check website<\/td>\n<td>https:\/\/cloudopsnow.in\/<\/td>\n<\/tr>\n<tr>\n<td>SreSchool.com<\/td>\n<td>SREs, operations engineers<\/td>\n<td>SRE practices, monitoring, reliability<\/td>\n<td>Check website<\/td>\n<td>https:\/\/sreschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>AiOpsSchool.com<\/td>\n<td>ML\/ops engineers, IT ops<\/td>\n<td>AIOps concepts, automation, operational analytics<\/td>\n<td>Check website<\/td>\n<td>https:\/\/aiopsschool.com\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">19. 
Top Trainers<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Platform\/Site<\/th>\n<th>Likely Specialization<\/th>\n<th>Suitable Audience<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>RajeshKumar.xyz<\/td>\n<td>DevOps\/cloud training content (verify current offerings)<\/td>\n<td>Beginners to intermediate<\/td>\n<td>https:\/\/rajeshkumar.xyz\/<\/td>\n<\/tr>\n<tr>\n<td>devopstrainer.in<\/td>\n<td>DevOps training resources (verify scope)<\/td>\n<td>DevOps engineers, students<\/td>\n<td>https:\/\/www.devopstrainer.in\/<\/td>\n<\/tr>\n<tr>\n<td>devopsfreelancer.com<\/td>\n<td>Freelance DevOps enablement (verify services)<\/td>\n<td>Teams needing short-term coaching<\/td>\n<td>https:\/\/www.devopsfreelancer.com\/<\/td>\n<\/tr>\n<tr>\n<td>devopssupport.in<\/td>\n<td>DevOps support\/training resources (verify scope)<\/td>\n<td>Ops\/DevOps practitioners<\/td>\n<td>https:\/\/www.devopssupport.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">20. 
Top Consulting Companies<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Company Name<\/th>\n<th>Likely Service Area<\/th>\n<th>Where They May Help<\/th>\n<th>Consulting Use Case Examples<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>cotocus.com<\/td>\n<td>Cloud\/DevOps consulting (verify current portfolio)<\/td>\n<td>Platform engineering, automation, cloud delivery<\/td>\n<td>CI\/CD setup for model registration, Artifact Registry hardening, IAM design<\/td>\n<td>https:\/\/cotocus.com\/<\/td>\n<\/tr>\n<tr>\n<td>DevOpsSchool.com<\/td>\n<td>DevOps and enterprise training\/consulting<\/td>\n<td>Delivery enablement, training + implementation<\/td>\n<td>MLOps process design, Cloud Build pipelines, governance standards<\/td>\n<td>https:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>DEVOPSCONSULTING.IN<\/td>\n<td>DevOps consulting (verify current services)<\/td>\n<td>DevOps transformation and automation<\/td>\n<td>Standardizing release workflows, security reviews, operational runbooks<\/td>\n<td>https:\/\/devopsconsulting.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">21. 
Career and Learning Roadmap<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">What to learn before Vertex AI Model Registry<\/h3>\n\n\n\n<p>To be effective with Model Registry, you should understand:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Google Cloud fundamentals: projects, IAM, regions, billing<\/li>\n<li>Cloud Storage basics (buckets, IAM, lifecycle)<\/li>\n<li>Containers and Artifact Registry basics (Docker build\/push\/pull)<\/li>\n<li>Basic ML lifecycle concepts (training, evaluation, inference)<\/li>\n<\/ul>\n\n\n\n<p>Helpful Google Cloud prerequisites:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>IAM and service accounts: https:\/\/cloud.google.com\/iam\/docs<\/li>\n<li>Cloud Storage: https:\/\/cloud.google.com\/storage\/docs<\/li>\n<li>Artifact Registry: https:\/\/cloud.google.com\/artifact-registry\/docs<\/li>\n<li>Vertex AI overview: https:\/\/cloud.google.com\/vertex-ai\/docs\/start\/introduction-unified-platform<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">What to learn after Vertex AI Model Registry<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Vertex AI Endpoints (online serving) and deployment strategies<\/li>\n<li>Vertex AI Pipelines (repeatable training and metadata lineage)<\/li>\n<li>Model monitoring, drift detection, and SLO-based operations<\/li>\n<li>Security hardening: VPC Service Controls, CMEK, org policies<\/li>\n<li>Data governance and privacy engineering for ML<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Job roles that use it<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Machine Learning Engineer \/ MLOps Engineer<\/li>\n<li>Platform Engineer (ML platform)<\/li>\n<li>Cloud\/DevOps Engineer supporting ML systems<\/li>\n<li>SRE for ML services<\/li>\n<li>Security engineer reviewing ML supply chain and access controls<\/li>\n<li>Data scientist (in mature organizations) as part of release workflows<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Certification path (Google Cloud)<\/h3>\n\n\n\n<p>Google Cloud certifications evolve. 
For an ML and platform path, consider:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Associate Cloud Engineer (foundation)<\/li>\n<li>Professional Cloud Architect (architecture)<\/li>\n<li>Professional Machine Learning Engineer (ML systems)<\/li>\n<\/ul>\n\n\n\n<p>Verify current certifications at https:\/\/cloud.google.com\/learn\/certification.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Project ideas for practice<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Build a CI\/CD pipeline that trains a model, runs unit tests, registers it in Vertex AI Model Registry, and tags it with the Git SHA.<\/li>\n<li>Create a promotion workflow that copies artifacts from dev to prod and re-registers models with stricter IAM.<\/li>\n<li>Implement a \u201cmodel inventory dashboard\u201d using the Vertex AI API + BigQuery (export metadata and audit logs).<\/li>\n<li>Add automated checks: required labels, container vulnerability scans, artifact hashing.<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">22. Glossary<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Vertex AI Model Registry<\/strong>: Vertex AI capability for registering and managing models as first-class resources.<\/li>\n<li><strong>Model resource<\/strong>: The Vertex AI object representing a registered model (metadata + artifact pointers + serving configuration).<\/li>\n<li><strong>Model artifact<\/strong>: The files representing a trained model (for example, <code>SavedModel<\/code>, <code>model.joblib<\/code>).<\/li>\n<li><strong>Artifact URI<\/strong>: Usually a Cloud Storage path (<code>gs:\/\/...<\/code>) pointing to the model artifact directory.<\/li>\n<li><strong>Serving container<\/strong>: A container image used to load the model artifact and serve prediction requests.<\/li>\n<li><strong>Vertex AI Endpoint<\/strong>: Managed online serving resource where models are deployed for real-time prediction.<\/li>\n<li><strong>IAM<\/strong>: Identity and Access Management\u2014controls who can do what in Google 
Cloud.<\/li>\n<li><strong>Service account<\/strong>: A non-human identity used by automation and workloads.<\/li>\n<li><strong>Labels<\/strong>: Key\/value metadata used for organization, filtering, and governance.<\/li>\n<li><strong>Cloud Audit Logs<\/strong>: Logs recording administrative actions in Google Cloud.<\/li>\n<li><strong>VPC Service Controls<\/strong>: Security feature to reduce data exfiltration by defining service perimeters.<\/li>\n<li><strong>CMEK<\/strong>: Customer-Managed Encryption Keys, typically via Cloud KMS, for encryption control.<\/li>\n<li><strong>MLOps<\/strong>: Operational practices for reliably building, deploying, and maintaining ML systems.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">23. Summary<\/h2>\n\n\n\n<p>Vertex AI Model Registry (Google Cloud, AI and ML) is the managed catalog for <strong>registering, organizing, and governing ML models<\/strong> so teams can reliably discover, version, and deploy them. It fits at the center of an MLOps architecture: training produces artifacts in Cloud Storage, Model Registry captures the model identity and metadata (and serving configuration), and deployments target Vertex AI Endpoints.<\/p>\n\n\n\n<p>Cost-wise, the registry itself is rarely the main driver; the real costs come from <strong>artifact storage, container storage, training compute, and especially online endpoints<\/strong> if you deploy models. Security-wise, treat models as sensitive assets: enforce least-privilege IAM, standard labels, audit logging, and (when needed) perimeter controls like VPC Service Controls.<\/p>\n\n\n\n<p>Use Vertex AI Model Registry when you need a consistent, governed way to manage models in Google Cloud and connect them to downstream serving and operations. 
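<\/p>\n\n\n\n<p>As a minimal sketch of that CI\/CD registration step, the Python snippet below enforces a required-label policy and assembles a <code>gcloud ai models upload<\/code> command. The region, bucket path, serving container image, and label set are illustrative assumptions, and the command is printed rather than executed.<\/p>\n\n\n\n

```python
# Hypothetical CI/CD gate: validate required labels, then build the
# "gcloud ai models upload" command that registers the model.
# Region, artifact path, serving image, and label policy are placeholders.
import shlex

REQUIRED_LABELS = {"owner", "env", "git_sha"}  # assumed org policy, not a Vertex AI requirement


def build_upload_command(display_name: str, artifact_uri: str, labels: dict) -> str:
    """Return a gcloud command that registers a model in Vertex AI Model Registry."""
    missing = REQUIRED_LABELS - labels.keys()
    if missing:
        raise ValueError(f"refusing to register: missing labels {sorted(missing)}")
    label_arg = ",".join(f"{k}={v}" for k, v in sorted(labels.items()))
    return " ".join([
        "gcloud ai models upload",
        "--region=us-central1",  # placeholder region
        f"--display-name={shlex.quote(display_name)}",
        f"--artifact-uri={shlex.quote(artifact_uri)}",
        # prebuilt serving container; the exact image depends on framework/version
        "--container-image-uri=us-docker.pkg.dev/vertex-ai/prediction/sklearn-cpu.1-3:latest",
        f"--labels={label_arg}",
    ])


cmd = build_upload_command(
    "churn-model",
    "gs://example-bucket/models/churn/2026-04-14/",  # placeholder artifact path
    {"owner": "ml-team", "env": "dev", "git_sha": "abc1234"},
)
print(cmd)  # in CI you would run this via subprocess after approval checks pass
```

\n\n\n\n<p>The same label check could equally guard a call to the Vertex AI Python SDK instead of the CLI; the point is that registration fails fast when traceability metadata is missing. 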
The best next step after this tutorial is to integrate registration into a <strong>Vertex AI Pipeline or CI\/CD workflow<\/strong>, so every approved training run automatically produces a registered, deployable model with traceable metadata.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>AI and ML<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[53,51],"tags":[],"class_list":["post-569","post","type-post","status-publish","format-standard","hentry","category-ai-and-ml","category-google-cloud"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/569","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/comments?post=569"}],"version-history":[{"count":0,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/569\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/media?parent=569"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/categories?post=569"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/tags?post=569"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}