During the preview, Confidential VMs undergo attestation during their boot phase. This process is opaque to the user and takes place by the cloud operating system in conjunction with the Microsoft Azure Attestation and Azure Key Vault services. When the product launches in General Availability, Confidential VMs will extend to also let customers perform attention for their VMs. This will be done using tooling and documentation which will be published later this year. Until then, similar to trusted launch VMs, customers can use the vTPM in their VMs to perform attestation of their VM’s firmware and OS as described here.
Hope this helps.
Please 'Accept as answer' if the provided information is helpful, so that it can help others in the community looking for help on similar topics.