Confidential Virtual Machine support for Azure Virtual Desktop now in Public Preview
We’re announcing that Azure Virtual Desktop has public preview support for Azure Confidential Virtual Machines. Confidential Virtual Machines increase data privacy and security by protecting data in use. The Azure DCasv5 and ECasv5 confidential VM series provide a hardware-based Trusted Execution Environment (TEE) that features AMD SEV-SNP security capabilities, which harden guest protections to deny the hypervisor and other host management code access to VM memory and state, and that is designed to protect against operator access and encrypts data in use.
With this preview, support for Windows 11 22H2 has been added to Confidential Virtual Machines. Confidential OS Disk encryption and Integrity monitoring will be added to the preview at a later date. Confidential VM support for Windows 10 is planned.
How to deploy Confidential Virtual Machines with AVD Host pool provisioning:
1) Select Confidential virtual machines from the Security Type dropdown in the AVD Host Pool Virtual Machine blade.
2) Once Security Type is set to Confidential virtual machines, you will see Enable Secure Boot and Enable vTPM each selected. You have the option to disable Secure Boot though it is not recommended. vTPM is required.
Learn More:
Review the Confidential Virtual Machine documentation for more information.
Published on:
Learn moreRelated posts
Secure Boot certificate updates for Linux on Azure virtual machines
Microsoft has published new guidance for managing Secure Boot certificate updates for Linux on Azure virtual machines, including Trusted Launc...
Soluzione Earns Microsoft Solutions Partner Designation for Digital & App Innovation (Azure)
Soluzione is pleased to announce that it has earned the Microsoft Solutions Partner designation for Digital & App Innovation (Azure). This...
Azure SDK Release (May 2026)
Azure SDK releases every month. In this post, you'll find this month's highlights and release notes. The post Azure SDK Release (May 2026) app...
How to Use Deep Agents with Azure Cosmos DB – Plan, act, and verify against operational data
Deep Agents is an agent harness built on LangGraph, for agents that need to work through a task over many steps instead of a single LLM call. ...
Retirement of Azure DevOps issuer in Workload identity federation service connections
We are announcing the deprecation of the Azure DevOps issuer in workload identity federation (WIF) service connections, with planned retiremen...
Azure Backup for Azure Cosmos DB Public Preview Adds Immutable Backups and Long-Term Retention
Azure Backup for Azure Cosmos DB Public Preview Adds Immutable Backups and Long-Term Retention Picture the first few hours after a serious dat...
Announcing General Availability of the Azure Cosmos DB Built-in Connector for Logic Apps Standard
Today, we’re excited to announce the general availability of the Azure Cosmos DB built-in connector for Azure Logic Apps Standard. This ...
Microsoft Purview: Data Lifecycle Management – Azure PST Import
Azure PST Import is a migration method that enables PST files stored in Azure Blob Storage to be imported directly into Exchange Online mailbo...