Add support for Confidential VMs and Trusted launch for VMs #3264

mresvanis · 2023-03-10T11:05:14Z

/kind feature

Describe the solution you'd like
I would like to be able to spawn Azure Confidential VMs and to enabled Trusted launch for VMs.

Confidential VMs provide protection to data-in-use by encryption the VM memory with keys that Azure doesn't have access to. Those VMs can also be attested by the user.

See Azure Confidential Computing for more details.

Trusted launch for VMs provide SecureBoot and vTPM attestation.

Anything else you would like to add:
Confidential VMs require specific OS images.
Trusted launch for VMs include these limitations.

Environment:

cluster-api-provider-azure version:
Kubernetes version: (use kubectl version):
OS (e.g. from /etc/os-release):

The text was updated successfully, but these errors were encountered:

nojnhuh · 2023-03-16T16:43:29Z

/assign @mresvanis

Assigning this since you've started working on this in the PR. Thanks!

k8s-ci-robot added the kind/feature Categorizes issue or PR as related to a new feature. label Mar 10, 2023

This was referenced Mar 10, 2023

Add support for confidential VMs #3265

Merged

MGMT-13627: Add ConfidentialVM options to AzureMachineProviderSpec openshift/api#1403

Merged

k8s-ci-robot assigned mresvanis Mar 16, 2023

k8s-ci-robot closed this as completed in #3265 Jun 12, 2023

HuijingHei mentioned this issue Sep 13, 2023

Add confidential VM support on Azure coreos/coreos-assembler#3608

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add support for Confidential VMs and Trusted launch for VMs #3264

Add support for Confidential VMs and Trusted launch for VMs #3264

mresvanis commented Mar 10, 2023

nojnhuh commented Mar 16, 2023

Add support for Confidential VMs and Trusted launch for VMs #3264

Add support for Confidential VMs and Trusted launch for VMs #3264

Comments

mresvanis commented Mar 10, 2023

nojnhuh commented Mar 16, 2023