Attestation of a Confidential VM based on AMD SEV-SNP

Nitish 61 Reputation points
2022-01-31T05:01:22.897+00:00

I have looked at the Azure documentation for Azure Attestation service and have found that examples for writing a policy and policy signer certificate have been explained only for the attestation of Intel SGX enclaves.
But how do I perform the attestation of a confidential VM (Standard DC2as v5 is the size)?

To be more specific:
Azure docs also say: "Confidential VMs boot only after successful attestation of the platform's critical components and security settings"
So, how can I perform attestation of the VM so that it can successfully boot?

Azure Virtual Machines

Accepted answer
  1. vipullag-MSFT 25,366 Reputation points
    2022-01-31T17:35:25.653+00:00

    @Nitish

    Thanks for reaching out to Microsoft Q&A Platform.

    I have reached out to the internal team to get more details on your ask.

    Q: How can I perform attestation of the VM so that it can successfully boot?

    This will be available once Confidential VMs are in General Availability. The product team will be rolling out an attestation feature which is exposed to the end users so they can perform validation that their VM is running on a fully confidential and patched server platform.
    Also, the document team will be publishing new docs describing the process and a library allowing users to integrate this into their workflows.

    Hope this helps.
    Please 'Accept as answer' if the provided information is helpful, so that it can help others in the community looking for help on similar topics.
