How to use the TPM attestation workflow to understand the Attestation of Confidential VM ?

Nitish 61 Reputation points
2022-02-01T23:44:24.143+00:00

In this link given below :
https://learn.microsoft.com/en-us/azure/attestation/workflow#trusted-platform-module-tpm-enclave-validation-work-flow

Can we use the information provided for the workflow of TPM attestation to understand the attestation process of a confidential VM ?

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,091 questions
0 comments No comments
{count} votes

Accepted answer
  1. vipullag-MSFT 24,021 Reputation points Microsoft Employee
    2022-02-03T18:09:40.467+00:00

    @Nitish

    During the preview, Confidential VMs undergo attestation during their boot phase. This process is opaque to the user and takes place by the cloud operating system in conjunction with the Microsoft Azure Attestation and Azure Key Vault services. When the product launches in General Availability, Confidential VMs will extend to also let customers perform attention for their VMs. This will be done using tooling and documentation which will be published later this year. Until then, similar to trusted launch VMs, customers can use the vTPM in their VMs to perform attestation of their VM’s firmware and OS as described here.

    Hope this helps.
    Please 'Accept as answer' if the provided information is helpful, so that it can help others in the community looking for help on similar topics.

    0 comments No comments

0 additional answers

Sort by: Most helpful