Hello, @Giovanni Magoga!
If it's not recommended to use x-ms-sevsnpvm-launchmeasurement to prove code integrity over the initial state of a CVM, what should I use?
The claim x-ms-sevsnpvm-launchmeasurement is a measurement of the launched guest image that can be used to prove code integrity over the initial state of an Azure confidential VM (CVM); however, this claim is not recommended for use with CVMs, as it may not be stable or consistent across several versions of the HCL firmware.
Instead, the suggestion is to use the claim x-ms-sevsnpvm-idkeydigest, which is a hash of the identification signing key that is associated with the vTPM. This claim does not depend on the guest image or the HCL firmware version.
I hope this has been helpful! Your feedback is important so please take a moment to accept answers.
If you still have questions, please let us know what is needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!
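
A relying-party check along the lines of the answer above, as an added example that is not part of the original answer or Microsoft's code: it pins x-ms-sevsnpvm-idkeydigest and only reports a change in x-ms-sevsnpvm-launchmeasurement. Assumptions: the token's signature has already been validated against the attestation provider's signing keys, the claims may sit at the top level or inside an `x-ms-isolation-tee` object, and the digests and token are constructed placeholders.

```python
import base64
import hmac
import json

TEE_CLAIM = "x-ms-isolation-tee"  # assumption: SNP claims may be nested under this object
PINNED = "x-ms-sevsnpvm-idkeydigest"
INFO_ONLY = "x-ms-sevsnpvm-launchmeasurement"


def jwt_payload(token):
    """Decode the payload of a compact JWS. Does NOT verify the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(seg))


def find_claim(claims, name):
    """Look for a claim at the top level, then inside the nested TEE object."""
    if name in claims:
        return claims[name]
    nested = claims.get(TEE_CLAIM)
    return nested.get(name) if isinstance(nested, dict) else None


def evaluate(claims, expected_idkeydigest, last_measurement=None):
    """Trust decision rests on idkeydigest; launchmeasurement drift is only reported."""
    digest = find_claim(claims, PINNED)
    if not isinstance(digest, str):
        return {"trusted": False, "reason": "idkeydigest missing", "measurement_changed": None}
    trusted = hmac.compare_digest(digest.lower().encode(), expected_idkeydigest.lower().encode())
    meas = find_claim(claims, INFO_ONLY)
    changed = None
    if isinstance(meas, str) and last_measurement is not None:
        changed = meas.lower() != last_measurement.lower()
    reason = "idkeydigest matches pin" if trusted else "idkeydigest mismatch"
    return {"trusted": trusted, "reason": reason, "measurement_changed": changed}


def b64url(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()


# Constructed sample token (placeholder digests, dummy signature segment).
SAMPLE = ".".join([
    b64url({"alg": "RS256", "typ": "JWT"}),
    b64url({TEE_CLAIM: {PINNED: "ab" * 48, INFO_ONLY: "ef" * 48}}),
    "c2lnbmF0dXJl",
])

if __name__ == "__main__":
    print(evaluate(jwt_payload(SAMPLE), "AB" * 48, last_measurement="cd" * 48))
```

A changed launch measurement shows up as `measurement_changed: True` without failing the check, so it can be logged for review while the pinned digest decides trust.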