Skip to main content

General availability: AMD confidential VM guest attestation

Published date: October 12, 2022

Today we are announcing the general availability of the guest attestation feature for AMD SEV-SNP based confidential VMs. Guest attestation enables verifying the trustworthiness (good state) of the trusted execution environment on which the guest VM is executing. It lets you do the following: 

  • Use the guest attestation feature to verify that a confidential VM is running on a hardware-based trusted execution environment (TEE) with security features (isolation, integrity, secure boot) enabled.
  • Allow application deployment decisions (whether to launch a sensitive workload) based on the hardware state returned by the library call. 
  • Use remote attestation artifacts (token and claims) received from another system (on a confidential VM) to enable relying parties to gain trust to make transactions with the other system. 
  • Receive recommendations and alerts of unhealthy confidential VMs in Microsoft Defender for Cloud.

To learn more about guest attestation see the documentation and the blog post.  

  • Virtual Machines
  • Compliance
  • Features
  • Pricing & Offerings
  • Microsoft Ignite
  • Security

Related Products