Azure – You can now use Azure Virtual Machine confidential compute (preview)

If you need to run workloads on a virtual machine with high security and confidentiality requirements, you can now use a confidential Azure Virtual Machine.

This specific capability is provided thanks to AMD processors using SEV-SNP technologies.

The confidential compute is available with the DC and EC virtual machine SKUs:

  • DCasv5-series: Confidential VM with remote storage only. No local temporary disk
  • DCadsv5-series: Confidential VM with a local temporary disk
  • ECasv5-series: Memory-optimized confidential VM with remote storage only. No local temporary disk
  • ECadsv5-series: Memory-optimized confidential VM with a local temporary disk

You cannot resize a confidential compute virtual machine to a non-confidential compute SKU, or the other way around.

You can only use confidential compute with the following operating systems:

  • Ubuntu 20.04 Gen 2
  • Windows Server 2019 Gen 2
  • Windows Server 2022 Gen 2

This is currently available only in the West US region (https://azure.microsoft.com/en-us/global-infrastructure/services/?products=virtual-machines).


When you choose to use confidential compute, don’t forget to also enable Confidential compute encryption at the Disks configuration step.
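To catch a confidential VM that was deployed without that disk option, the following added example (not part of the original post) audits VM records in the shape `az vm list -o json` returns. It assumes the Azure VM model fields `securityProfile.securityType` and `storageProfile.osDisk.managedDisk.securityProfile.securityEncryptionType`; the inventory is constructed sample data.

```python
import json

# Constructed sample inventory (not real resources), shaped like `az vm list -o json`.
SAMPLE = json.loads("""
[
  {"name": "cvm-ok",
   "hardwareProfile": {"vmSize": "Standard_DC4ads_v5"},
   "securityProfile": {"securityType": "ConfidentialVM"},
   "storageProfile": {"osDisk": {"managedDisk": {"securityProfile":
       {"securityEncryptionType": "DiskWithVMGuestState"}}}}},
  {"name": "cvm-no-disk-enc",
   "hardwareProfile": {"vmSize": "Standard_EC8as_v5"},
   "securityProfile": {"securityType": "ConfidentialVM"},
   "storageProfile": {"osDisk": {"managedDisk": {"securityProfile":
       {"securityEncryptionType": "VMGuestStateOnly"}}}}},
  {"name": "cvm-missing-profile",
   "hardwareProfile": {"vmSize": "Standard_DC2as_v5"},
   "securityProfile": {"securityType": "ConfidentialVM"},
   "storageProfile": {"osDisk": {"managedDisk": {"securityProfile": null}}}},
  {"name": "web-01",
   "hardwareProfile": {"vmSize": "Standard_D4s_v5"},
   "securityProfile": null,
   "storageProfile": {"osDisk": {"managedDisk": {}}}}
]
""")


def audit_vm(vm):
    """Classify one VM record; null or missing profiles are treated as unset."""
    sec = vm.get("securityProfile") or {}
    if sec.get("securityType") != "ConfidentialVM":
        return "not-confidential"
    os_disk = (vm.get("storageProfile") or {}).get("osDisk") or {}
    disk_sec = (os_disk.get("managedDisk") or {}).get("securityProfile") or {}
    # Assumption: "DiskWithVMGuestState" is the value set when confidential
    # OS disk encryption is enabled; "VMGuestStateOnly" leaves the disk out.
    if disk_sec.get("securityEncryptionType") == "DiskWithVMGuestState":
        return "ok"
    return "os-disk-not-confidentially-encrypted"


def audit(vms):
    """Map each VM name to its audit status."""
    return {vm.get("name", "<unnamed>"): audit_vm(vm) for vm in vms}


if __name__ == "__main__":
    for name, status in audit(SAMPLE).items():
        print(f"{name}: {status}")
```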
