| title | description | author | ms.author | ms.service | ms.subservice | ms.topic | ms.date | ms.custom |
|---|---|---|---|---|---|---|---|---|
Use sample application for guest attestation in confidential VMs |
Learn how to use a sample Linux or Windows application for use with the guest attestation feature APIs. |
prasadmsft |
reprasa |
azure-virtual-machines |
azure-confidential-computing |
how-to |
04/11/2023 |
template-concept, linux-related-content |
The guest attestation feature helps you to confirm that a confidential VM runs on a hardware-based trusted execution environment (TEE) with security features enabled for isolation and integrity.
Sample applications for use with the guest attestation APIs are available on GitHub.
Depending on your type of scenario, you can reuse the sample code in your client program or workload code.
- An Azure subscription.
- An Azure confidential VM or a VM with trusted launch enabled. You can use a Ubuntu Linux VM or Windows VM.
To use a sample application in C++ for use with the guest attestation APIs, follow the instructions for your operating system (OS).
-
Sign in to your VM.
-
Clone the sample Linux application.
-
Install the
build-essentialpackage. This package installs everything required for compiling the sample application.sudo apt-get install build-essential
-
Install the
libcurl4-openssl-devandlibjsoncpp-devpackages.sudo apt-get install libcurl4-openssl-dev
sudo apt-get install libjsoncpp-dev
-
Download the attestation package from https://packages.microsoft.com/repos/azurecore/pool/main/a/azguestattestation1/.
-
Install the attestation package. Make sure to replace
<version>with the version that you downloaded.sudo dpkg -i azguestattestation1_<latest-version>_amd64.deb
- Install Visual Studio with the Desktop development with C++ workload.
- Clone the sample Windows application.
- Build your project. From the Build menu, select Build Solution.
- After the build succeeds, go to the
Releasebuild folder. - Run the application by running the
AttestationClientApp.exe.