
Public preview: AMD-based confidential VMs for Azure Kubernetes Service (AKS)

Published date: August 01, 2022

Azure Kubernetes Service (AKS) provides the capability for organizations to deploy containers at scale. We are expanding the Azure confidential computing portfolio to enable AMD-based confidential VM node pools in AKS, adding defense-in-depth to Azure's already hardened security profile.   

With the general availability of confidential virtual machines featuring AMD 3rd Gen EPYC™ processors with Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) security features, organizations get VMs with isolated, encrypted memory and genuine confidentiality attestation rooted in the hardware.

AKS can now run confidential and non-confidential node pools on a single cluster. This means that applications processing sensitive data can reside in a VM-level Trusted Execution Environment (TEE) node pool with memory encryption keys generated from the chipset itself.

Confidential node pools on AKS enable a seamless transition of Linux container workloads to Azure without the overhead of changing code. 

Read the blog to learn more. 
