Confidential Virtual Machine support for Azure Virtual Desktop now in Public Preview
We’re announcing that Azure Virtual Desktop has public preview support for Azure Confidential Virtual Machines. Confidential Virtual Machines increase data privacy and security by protecting data in use. The Azure DCasv5 and ECasv5 confidential VM series provide a hardware-based Trusted Execution Environment (TEE) that features AMD SEV-SNP security capabilities, which harden guest protections to deny the hypervisor and other host management code access to VM memory and state, and that is designed to protect against operator access and encrypts data in use.
With this preview, support for Windows 11 22H2 has been added to Confidential Virtual Machines. Confidential OS Disk encryption and Integrity monitoring will be added to the preview at a later date. Confidential VM support for Windows 10 is planned.
How to deploy Confidential Virtual Machines with AVD Host pool provisioning:
1) Select Confidential virtual machines from the Security Type dropdown in the AVD Host Pool Virtual Machine blade.
2) Once Security Type is set to Confidential virtual machines, you will see Enable Secure Boot and Enable vTPM each selected. You have the option to disable Secure Boot though it is not recommended. vTPM is required.
Learn More:
Review the Confidential Virtual Machine documentation for more information.
Published on:
Learn moreRelated posts
Microsoft Purview compliance portal: Endpoint Data Loss Prevention – Endpoint DLP support classification of Azure RMS protected Office documents
Endpoint DLP can now classify Office files stored in Windows devices that have Azure RMS protection applied. Classification will be triggered ...
AI Builder – Use your own generative AI model from Azure AI Foundry in Prompt builder in Copilot Studio
We are announcing the ability to use your own generative AI model from Azure AI Foundry in prompt builder. This feature has reached general av...
Azure SDK Release (August 2025)
Azure SDK releases every month. In this post, you'll find this month's highlights and release notes. The post Azure SDK Release (August 2025) ...
Azure Developer CLI (azd) – August 2025
This post announces the August release of the Azure Developer CLI (`azd`). The post Azure Developer CLI (azd) – August 2025 appeared fir...
Azurite: Build Azure Queues and Functions Locally with C#
Lets say you are a beginner Microsoft Azure developer and you want to : Normally, these tasks require an Azure Subscription. But what if I tol...
Data encryption with customer-managed key (CMK) for Azure Cosmos DB for MongoDB vCore
Built-in security for every configuration Azure Cosmos DB for MongoDB vCore is designed with security as a foundational principle. Regardless ...
Azure Developer CLI: From Dev to Prod with Azure DevOps Pipelines
Building on our previous post about implementing dev-to-prod promotion with GitHub Actions, this follow-up demonstrates the same “build ...
Azure DevOps OAuth Client Secrets Now Shown Only Once
We’re making an important change to how Azure DevOps displays OAuth client secrets to align with industry best practices and improve our overa...