Expanding Azure Confidential Computing with new AMD-based confidential VMs
Announcing the public preview of Azure confidential VMs powered by AMD EPYC™ processors
Today we are announcing the public preview of Azure DCasv5/ECasv5 confidential virtual machines (VMs) powered by 3rd Gen AMD EPYC™ processors with SEV-SNP.
These new VMs offer an easy way to deploy confidential workloads without requiring changes to existing applications or code. They are enabled on the same hardware configuration as general-purpose virtual machines and offer performance characteristics enabling customers to run general-purpose workloads while achieving their desired confidentiality and performance requirements. AMD recently published various benchmarks of these Azure confidential VMs.
Built on innovative new hardware
Azure’s new AMD-based confidential VMs are designed to deliver confidentiality not only between different cloud customers, but also between customers and the cloud itself.
These hardware-encrypted virtual machines feature integrity-protected full state encryption and advanced hardware security based on the AMD advanced security feature Secure Encrypted Virtualization (SEV), and particularly Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP).
Collectively, AMD SEV-SNP hardens guest protections to deny the hypervisor and other host management code access to VM memory and state, protecting against cloud operator access. Combined with Azure full-disk encryption and Azure Managed HSM, customer code and data are encrypted in use, in transit, and at rest using encryption keys which are protected and can be controlled by the customer. The VM in its entirety benefits from a strong hardware-enforced boundary.
Furthermore, by utilizing built-in attestation capabilities, customers will have checks and controls to be their own real-time auditors. This enables verifying the security posture of these virtual machines using cryptographic proofs and measurements chaining to the AMD hardware root-of-trust.
Additional benefits include UEFI secure boot enforcement and a virtual TPM instance dedicated to each VM. vTPM protects keys and enables attestation, which customers can leverage to establish trust in their VM and its underlying stack.
A spectrum of confidential choices: from single-click to customized policies
Azure confidential VMs powered by AMD EPYC processors will offer a wide range of security options to suit different business and security needs.
Customers can harness a new full-disk encryption scheme for their virtual machines, which is supported by the latest versions of Microsoft Windows BitLocker and Canonical’s Ubuntu OS. This feature stores the disk encryption key in the TPM and predictively seals it to the platform’s known good state — capturing its anticipated boot measurements.
Once encrypted, the OS disk can only be decrypted if the underlying platform is properly configured, and its trusted boot components remain intact. This ensures that features such as SEV-SNP are enabled, and that firmware and OS code have not been tampered with. The cryptographic keys protecting the machine’s security state, including its TPM, can be generated, owned, and managed by either Azure or the customer. During public preview, we will roll out Customer Managed Keys (CMK), which customers can manage through Azure Managed HSM or Azure Key Vault.
Together with additional security switches, we have built these confidential VMs in recognition of the wide spectrum of security-minded cloud professionals – from those seeking simple and highly secured cloud compute, to those responsible for their organizations’ most regulated and confidential data flows.
Ushering in a new wave of confidential computing
As the next wave of cloud computing increasingly focuses on scale, security, and performance, Azure’s new AMD EPYC CPU-based confidential VMs offer a compelling reason for organizations of all types and sizes to tap into confidential computing. With confidential VMs, organizations can achieve elevated data privacy while extending their cloud deployments using the tools they want and workloads they need. This ushers in a new wave of seamless confidential computing where state-of-the-art security and compute reinforce one another.
You can get going right away with Azure AMD EPYC CPU-based confidential VMs in both West US and North Europe regions. You can deploy them using Azure Portal and ARM APIs. Supported OS images include Windows Server 2019, Windows Server 2022, and Ubuntu 20.04. To get started, follow the instructions in this QuickStart guide. To learn more and stay up to date with Confidential VMs, visit the documentation page here.
Published on:
Learn moreRelated posts
Azure Developer CLI (azd) – November 2024
This post announces the November release of the Azure Developer CLI (`azd`). The post Azure Developer CLI (azd) – November 2024 appeared...
Microsoft Purview | Information Protection: Auto-labeling for Microsoft Azure Storage and Azure SQL
Microsoft Purview | Information Protection will soon offer Auto-labeling for Microsoft Azure Storage and Azure SQL, providing automatic l...
5 Proven Benefits of Moving Legacy Platforms to Azure Databricks
With evolving data demands, many organizations are finding that legacy platforms like Teradata, Hadoop, and Exadata no longer meet their needs...
November Patches for Azure DevOps Server
Today we are releasing patches that impact our self-hosted product, Azure DevOps Server. We strongly encourage and recommend that all customer...
Elevate Your Skills with Azure Cosmos DB: Must-Attend Sessions at Ignite 2024
Calling all Azure Cosmos DB enthusiasts: Join us at Microsoft Ignite 2024 to learn all about how we’re empowering the next wave of AI innovati...
Query rewriting for RAG in Azure AI Search
Getting Started with Bicep: Simplifying Infrastructure as Code on Azure
Bicep is an Infrastructure as Code (IaC) language that allows you to declaratively define Azure resources, enabling automated and repeatable d...
How Azure AI Search powers RAG in ChatGPT and global scale apps
Millions of people use Azure AI Search every day without knowing it. You can enable your apps with the same search that enables retrieval-augm...