We are excited to announce the public preview of confidential containers on Azure Container Instances, an industry-first serverless confidential computing platform. Confidential containers on ACI enables fast and easy deployment of containers natively in Azure and with the ability to protect data and code in use thanks to AMD EPYC™ processors with confidential computing capabilities. This is because your container(s) run in a hardware-based and attested Trusted Execution Environment (TEE) without the need to adopt a specialized programming model and without infrastructure management overhead. With this launch you get:
- Full guest attestation, which reflects the cryptographic measurement of all hardware and software components running within your Trusted Computing Base (TCB).
- Tooling to generate policies that will be enforced in the Trusted Execution Environment.
- Open-source sidecar containers for secure key release and encrypted file systems.
Read more on the public preview announcement.