Generational Performance Leap for Azure Confidential Computing
At Microsoft, protecting customer data is a foundational commitment. Organizations moving their most sensitive workloads to the cloud require assurances beyond just encryption of data-at-rest and data-in-transit. They need robust protection while the data is in use, and they need it without sacrificing the performance of their business-critical applications. Confidential Computing emerged as a technology to address this need for data-in-use protection. For years, a key consideration for adopting confidential computing has been the perceived trade-off between stronger security and application performance. To provide our customers with transparent, third-party validation, Microsoft and AMD commissioned a technical analysis from Prowess Consulting, an independent research firm specializing in hands-on performance validation for the enterprise IT industry. Their report provides an assessment of our latest generation confidential VMs. Azure confidential VMs, powered by the latest 4th generation AMD EPYC™ processors, deliver both next-generation performance and hardware-enforced security, fundamentally shifting the conversation from a security trade-off to a performance dividend. Enterprises are required to handle sensitive information or personal data like transactions, analytics or intellectual property (IP) while operating under strict compliance regimes like GDPR or HIPAA can now seamlessly transition to the cloud, running their high performance, mission-critical applications on Azure’s latest confidential VMs. A Generational Leap in Performance While uncertainty surrounding the performance overhead of enabling confidential computing features and performance gaps, confidential computing has broadened its appeal as processors leap forward in both performance and capabilities with each successive generation. The motivation of the study was to identify a clear performance uplift by comparing the latest Azure DCasv6 confidential VMs, powered by 4th generation AMD EPYC™ processors, against the previous generation. The data confirms that upgrading delivers a significant and measurable performance uplift across the stack. A 77% gain in memory bandwidth, driven by architectural enhancements including the adoption of DDR5 memory, directly benefiting data-intensive applications. A 34% increase in Redis throughput, demonstrating substantial real-world gains for in-memory databases and caching workloads where latency is critical. A 30% rise in CPU throughput, confirming faster execution for compute-bound workloads on the latest generation of Azure confidential VMs. Quantifying the Overhead of SEV-SNP Beyond generational gains, the Prowess report sought to answer the critical question: What is the real performance overhead of enabling AMD Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP)? This hardware-level security feature isolates VMs by encrypting memory in use, protecting it even from the host hypervisor. The study compared confidential VMs (DCasv6) against general-purpose counterparts (Dasv6) running on identical 4th Gen AMD EPYC processors. The overhead introduced by these advanced protections was found to be minimal and predictable. An 8% overhead for CPU-intensive and Redis workloads. A mere 2% overhead for memory-intensive workloads. These results affirm that a robust security posture with a minimum impact on performance or latency, making it a practical choice for a broad spectrum of production workloads. From Technical Validation to Business Value For IT leaders and developers, these findings mean you no longer need to architect around performance limitations to achieve stronger security. The implications are clear: Confidentiality is a mainstream capability. With such minimal overhead, confidential computing is no longer a niche solution for only the most sensitive data, but a viable option for securing a diverse array of enterprise applications. Modernize with confidence. Organizations can now confidently migrate and modernize applications on Azure confidential VMs, gaining both hardware-enforced data protection and a significant performance boost. Unlock new possibilities. This validated performance enables the processing of sensitive data from financial analytics to healthcare insights in the cloud, scenarios that were previously constrained by security and performance concerns. This report validates our commitment to delivering a confidential cloud without compromise. Next Steps We encourage you to review the detailed report and explore how Azure confidential computing can fit into your security strategy. Read the full Prowess Consulting Technical Report for a deep dive into the methodology and results. Visit the confidential computing homepage to learn more about our comprehensive portfolio. Explore the DCasv6 and ECasv6-series VMs today.GA: DCasv6 and ECasv6 confidential VMs based on 4th Generation AMD EPYC™ processors
Today, Azure has expanded its confidential computing offerings with the general availability of the DCasv6 and ECasv6 confidential VM series in regions Korea Central, South Africa North, Switzerland North, UAE North, UK South, West Central US. These VMs are powered by 4th generation AMD EPYC™ processors and feature advanced Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) technology. These confidential VMs offer: Hardware-rooted attestation Memory encryption in multi-tenant environments Enhanced data confidentiality Protection against cloud operators, administrators, and insider threats You can get started today by creating confidential VMs in the Azure portal as explained here. Highlights: 4th generation AMD EPYC processors with SEV-SNP 25% performance improvement over previous generation Ability to rotate keys online AES-256 memory encryption enabled by default Up to 96 vCPUs and 672 GiB RAM for demanding workloads Streamlined Security Organizations in certain regulated industries and sovereign customers migrating to Microsoft Azure need strict security and compliance across all layers of the stack. With Azure Confidential VMs, organizations can ensure the integrity of the boot sequence and the OS kernel while helping administrators safeguard sensitive data against advanced and persistent threats. The DCasv6 and ECasv6 family of confidential VMs support online key rotation to give organizations the ability to dynamically adapt their defenses to rapidly evolving threats. Additionally, these new VMs include AES-256 memory encryption as a default feature. Customers have the option to use Virtualization-Based Security (VBS) in Windows, which is currently in preview to protect private keys from exfiltration via the Guest OS or applications. With VBS enabled, keys are isolated within a secure process, allowing key operations to be carried out without exposing them outside this environment. Faster Performance In addition to the newly announced security upgrades, the new DCasv6 and ECasv6 family of confidential VMs have demonstrated up to 25% improvement in various benchmarks compared to our previous generation of confidential VMs powered by AMD. Organizations that need to run complex workflows like combining multiple private data sets to perform joint analysis, medical research or Confidential AI services can use these new VMs to accelerate their sensitive workload faster than ever before. "While we began our journey with v5 confidential VMs, now we’re seeing noticeable performance improvements with the new v6 confidential VMs based on 4th Gen AMD EPYC “Genoa” processors. These latest confidential VMs are being rolled out across many Azure regions worldwide, including the UAE. So as v6 becomes available in more regions, we can deploy AMD based confidential computing wherever we need, with the same consistency and higher performance." — Mohammed Retmi, Vice President - Sovereign Public Cloud, at Core42, a G42 company. "KT is leveraging Azure confidential computing to secure sensitive and regulated data from its telco business in the cloud. With new V6 CVM offerings in Korea Central Region, KT extends its use to help Korean customers with enhanced security requirements, including regulated industries, benefit from the highest data protection as well as the fastest performance by the latest AMD SEV-SNP technology through its Secure Public Cloud built with Azure confidential computing." — Woojin Jung, EVP, KT Corporation Kubernetes support Deploy resilient, globally available applications on confidential VMs with our managed Kubernetes experience - Azure Kubernetes Service (AKS). AKS now supports the new DCasv6 and ECasv6 family of confidential VMs, enabling organizations to easily deploy, scale and manage confidential Kubernetes clusters on Azure, streamlining developer workflows and reducing manual tasks with integrated continuous integration and continuous delivery (CI/CD) pipelines. AKS brings integrated monitoring and logging to confidential VM node pools with in-depth performance and health insights, the clusters and containerized applications. Azure Linux 3.0 and Ubuntu 24.04 support are now in preview. AKS integration in this generation of confidential VMs also brings support for Azure Linux 3.0, that contains the most essential packages to be resource efficient and contains a secure, hardened Linux kernel specifically tuned for Azure cloud deployments. Ubuntu 24.04 clusters are also supported in addition to Azure Linux 3.0. Organizations wanting to ease the orchestration issues associated with deploying, scaling and managing hundreds of confidential VM node pools can now choose from either of these two for their node pools. General purpose & Memory-intensive workloads Featuring general purpose optimized memory-to-vCPU ratios and support for up to 96 vCPUs and 384 GiB RAM, the DCasv6-series delivers enterprise-grade performance. The DCasv6-series enables organizations to run sensitive workloads with hardware-based security guarantees, making them ideal for applications processing regulated or confidential data. For more memory demanding workloads that exceed even the capabilities of the DCasv6 series, the new ECasv6-series offer high memory-to-vCPU ratios with increased scalability up to 96 vCPUs and 672 GiB of RAM, nearly doubling the memory capacity of DCasv6. You can get started today by creating confidential VMs in the Azure portal as explained here. Additional Resources: Quickstart: Create confidential VM with Azure portal Quickstart: Create confidential VM with ARM template Azure confidential virtual machines FAQ
Announcing: Microsoft transforms Licensing with Cloud Security and Confidential Computing
Microsoft is proud to announce the successful migration of its Windows Licensing Service to Azure, leveraging cutting-edge Confidential Computing and Managed Hardware Security Modules (mHSM) technology. This marks a significant breakthrough in the cloud adoption journey for workloads operating in highly secure environments, reshaping the way Microsoft’s licensing services operate securely at scale. But what did it really take to move one of Microsoft’s most security-critical services to the cloud? Read on to uncover how the team enabled the largest cryptographic workload ever run in Azure—built on high-assurance infrastructure designed for secure, high-throughput operations. Migrating highly secure workloads is made possible with the help of Confidential computing and Managed HSM empowering organizations handling highly secure, high-throughput, and confidential workloads to operate with greater confidence, flexibility, and value. Advancing Security and Throughput The Microsoft Windows Key Management Licensing Service (MKMS) is built around the protection and management of high-value cryptographic keys, which are central to its security model. This service processes billions of licensing requests and related cryptographic operations each day, using these keys to ensure that only authorized individuals have access to their Windows operating systems, desktop applications, and games. Through its focus on secure key management, MKMS supports the authenticity of software licenses and the protection of sensitive data, making secure Windows licensing possible on a global scale. With the integration of Confidential Virtual Machines (CVM) and Managed Hardware Security Modules, the service now meets modern high-security requirements by extending this rigorous protection into the cloud environment. This evolution not only reinforces Microsoft's dedication to safeguarding sensitive cryptographic operations but also ensures that customers can trust the reliability and security of their licensing experience. Building Trust by Moving to Azure Transitioning from multiple highly secure on-prem datacenters to strategically selected Azure regions has enabled greater reliability, stronger security, and a seamless customer experience for the service. This migration not only aligns with Microsoft’s Secure Future Initiative and delivers CAPEX savings by eliminating the need for hardware refreshes but also unlocks the benefits of cloud-native solutions powered by Confidential Computing and Azure Key Vault Managed HSM. Migrating MKMS licensing service from on-premises infrastructure to Azure has delivered significant operational benefits. Azure’s elastic cloud resources allow us to scale efficiently, adapting to changing workload demands and supporting future growth while optimizing costs by paying only for the resources we use. Distributing services across multiple geographic regions in Azure has substantially improved our service availability, minimizing downtime and maintaining consistent delivery even during unexpected events. This geographic redundancy ensures our customers experience fewer disruptions. By utilizing Azure’s performance-driven infrastructure, we have reduced upfront hardware investments and ongoing maintenance costs, while still meeting the high throughput, speed, and reliability necessary for large-scale cryptographic operations—achieving results on par with or better than our previous on-premises environment. Enabling Security with Azure Confidential Computing At the heart of this transformation lies Azure Confidential Computing based on 4th generation AMD EPYC™ CPUs with SEV-SNP, which safeguards sensitive data during processing through hardware-based Trusted Execution Environments (TEEs). This technology prevents unauthorized access, including by cloud administrators and datacenter operators, ensuring robust confidentiality for cryptographic operations that are central to the authenticity of software licenses. Azure encrypts data at rest and in transit, while confidential computing further secures data in use. This added layer of protection addressed essential security requirements for migrating secure workloads to Azure, supporting the safety and integrity of customer data. The migration also incorporated Azure Managed HSM to provide enhanced security and tighter control over cryptographic keys. Complemented by Confidential Virtual Machines and securely attested OS images, the service now operates in a trusted and isolated environment, delivering a resilient and scalable cryptographic foundation —crucial for managing high value cryptographic keys required for Windows licensing. Setting a Benchmark for High-Scale Cryptographic Services Microsoft’s Key Management Licensing Service, leveraging Azure Confidential Computing and the specially engineered high-throughput Managed HSM capabilities, delivers advanced performance for securely hosting confidential, high-scale workloads in the cloud. These enhanced MHSM features were designed and built to meet the immense demand of this service, enabling it to support the highest throughput cryptographic workload ever run on Azure to date. MKMS is deployed on Azure using a purpose-built, internally attested secure image to ensure a trusted baseline. The deployment leverages Azure confidential VMs, and managed hardware security modules to protect data: all data at rest and in transit is encrypted, with encryption keys secured by FIPS-validated HSMs. In addition, CVM guarantees our service that all data in-use is encrypted and secure as an additional layer of security. Comprehensive logging and monitoring are enabled across the stack: control-plane operations, host OS events, and network traffic are all recorded and analyzed for auditing and threat detection. This defense-in-depth design layers protection from the hardware and hypervisor up through network firewalls and application-level safeguards, ensuring comprehensive resilience against both volumetric and application-targeted attacks. Summary In summary, migration of Windows Licensing to Azure signifies Microsoft’s commitment to driving innovation and security in the cloud. By leveraging Confidential Computing and Managed HSMs, Microsoft is delivering value to billions of users worldwide while reinforcing the trust placed in its services. This achievement highlights the potential of cloud-native technologies to transform traditional mission-critical systems, offering a glimpse into the future of secure and scalable computing.Confidential agentic AI on Azure helps ServiceNow respond to sales commission inquiries in seconds
Introduction AI is transforming how businesses operate and innovate, unlocking opportunities across industries to pioneer new business models, solve previously intractable challenges, and create breakthrough experiences. ServiceNow is at the forefront, deploying powerful, confidential AI agents leveraging confidential computing. Their sales commission help desk faced mounting challenges, supporting their sales force. With thousands of commission inquiries annually requiring access to sales compensation plan information, the help desk needed a solution to accelerate response times while maintaining strict data privacy and security standards. Applications ServiceNow Digital Technology leverages cutting-edge AI to streamline business operations, increase operational efficacy, and enhance employee experiences. The sales commission help desk handles inquiries ranging from policy questions to payout explanations, requiring aggregation and analysis of sensitive data from multiple systems. The manual process of responding to these inquiries—which involves gathering, anonymizing, and analyzing sensitive employee data, sales quotas, and commission structures—created bottlenecks, with resolution times stretching to days for the most complex cases. Use Cases To address ongoing commission management challenges, ServiceNow’s Digital Technology team partnered with Opaque Systems and Azure confidential computing team to design, build, and implement Confidential Agents that enable secure, autonomous AI systems with cryptographic privacy guarantees and auditability. The solution provides their help desk team with instantaneous access to encrypted personal commission data across multiple systems, while AI agents automatically analyze requests and generate custom responses. By integrating securely with various data sources, the system maintains strict privacy controls and compliance while delivering rapid, trusted insights. Every action taken by the AI agents is cryptographically verified, creating an immutable record of data access and usage. This generates detailed audit trails that meet compliance and strengthen governance protocols. Through hardware-based encryption on Azure NCCads H100 v5 confidential virtual machines augmented by NVIDIA H100 Tensor Core GPUs for accelerated computing running on their Microsoft Azure subscription service, the services built by ServiceNow can now harness the full power of AI technology without compromising on capabilities. Opaque’s Confidential AI Platform unlocks new performance potential of AI models that demand high-performing computational resources for all the commission requests, while maintaining robust protection of compensation data, setting a new standard for secure, efficient commission management. Accelerate, Reclaim, and Save Opaque's Confidential AI Agents architecture was uniquely built with NVIDIA H100s to help ServiceNow’s transformation. Once AI agents are connected to sensitive data, every aspect of agent operation maintains verifiable privacy and security, including real-time attestation that verifies agent authenticity and integrity, comprehensive audit trails of all agent actions and data interactions, cryptographic enforcement of data access and usage policies, and protection of valuable agent models and intellectual property. This combination of autonomous capability and verifiable privacy and security makes it ideal for ServiceNow to leverage for sensitive sales commission data while maintaining the highest standards of privacy and trust. The implementation of Opaque's Confidential AI Agents delivered strong results across ServiceNow's sales operations. Average response times decreased from 4 days to just 8 seconds, dramatically improving service delivery. Sellers can find quick summaries of Sales Success Center material and links to learn more. They also reported a 74% accuracy rate of agent responses, demonstrating high relevancy. Beyond operational improvements, ServiceNow improved operating costs while simultaneously strengthening their security posture through confidential computing. Most importantly, this has freed up the help desk team to focus on more strategic, high-value work while delivering faster, more accurate support to the sales force, creating a virtuous cycle of improved efficiency and satisfaction. Learn more Azure confidential VMs with NVIDIA H100 Tensor Core GPUs Azure confidential GPU Options Opaque’s Confidential AI Platform NVIDIA H100 Tensor Core GPUsAzure Confidential VMs help keep BMW Group’s identities and passwords protected while in use
Evolving identity and access management for the cloud Security, performance, and reliability are the guiding principles behind Microsoft's identity and access management solutions. These solutions empower organizations to maintain their competitive edge by leveraging technology effectively. With Microsoft's robust cloud infrastructure, customer business teams, plant workers, and external vendors can manage huge workloads independently and around the clock. Collaborative success is facilitated, ensuring timely results and efficient release cycles, helping businesses like the BMW Group stay at the forefront of their markets. Before it can achieve results or make a measurable impact, the BMW Group must give every employee, including independent workers, highly safe and secure access to company systems and devices. It’s for that reason the whole company couldn’t function without identity management authentication. If employees can’t securely sign in to their systems and workstations, all work comes to a halt. Microsoft's identity and access management solutions play a crucial role in enhancing security, efficiency, and user experience across various industries. For the BMW Group specifically, conversations about identity systems are occurring against a backdrop of organization-wide modernization. The company chose to move to the cloud early on so it could unlock more opportunities for on-demand flexibility, scalability, and fast access to technological innovations, especially new and advanced security features. As the BMW Group started to migrate its IT estate to Microsoft Azure, it also wanted a more secure platform for its on-premises Microsoft Active Directory environment and domain controllers. The group has some older applications that require Active Directory identification and access services but aren’t yet compatible with next-generation, cloud-native Microsoft Entra ID protection. Some of these IT systems, servers, and applications are also old, difficult, and expensive to replace but essential to support onsite business or are standard in the automotive industry, such as the hardware and software components built into plant machinery used for car production. Use of this machinery can extend beyond 30 years. Given the dependencies, the BMW Group focuses more on building a foundation to boost reliability and stability for its production processes than integrating them with a modern authentication system. In response, the BMW Group wanted to use its on-premises Active Directory licenses to migrate existing Active Directory servers and domain controllers to Azure while actively protecting data and storage resources, the privacy of data in server memory, and its overall operations. Maintaining critical infrastructure with confidential virtual machines on Azure Considering the criticality and sensitivity of its services, the BMW Group was interested in evaluating confidential computing, a technology that helps protect highly sensitive data that is in use in server memory. When the BMW Group started to look at confidential computing, Microsoft was the only vendor offering a generally available confidential computing platform for the BMW Group to bring their Active Directory domain controllers to the cloud: the Azure DCasv5 confidential virtual machines (VMs) using 3rd generation AMD EPYC™ processors. This technology allowed them to do the migration without changing any code. BMW Group IT specialists decided to start with confidential VMs running Active Directory services as a tier 0 workload in Azure to tighten security and put those servers on a future-proven track for how to continue operating Active Directory for the next 5–10 years. As it started using confidential VMs, the BMW Group appreciated being able to eliminate several potential attack paths as it used domain controllers in a public cloud environment for the first time. Without confidential computing, the datacenter operator, host operator, and VM host operator could have been able to access company systems and the Active Directory database. On top of the added security benefits moving forward, the BMW Group IT specialists also remarked that performance for workloads and applications didn’t suffer running on the AMD based confidential VMs, which greatly reduced worries about potential lapses in availability while making the switch. The group’s Azure DCasv5 confidential VMs using 3rd generation AMD EPYC™ processors have quickly become the center of its architecture and the main component for its domain controllers. Staying within the Microsoft ecosystem for daily identity administration, its privileged access workstation relies on Intune, Azure Bastion, Azure Key Vault, Azure Key Vault Managed HSM, and other Microsoft Security services. Additionally, many of its modern applications that don’t require earlier Active Directory support are onboarded directly to Entra ID. Changing attitudes, adopting a Zero Trust security model, and measuring success Many organizations recognize that security and identity and access management are two pieces of the same puzzle, each with an essential role in their organization’s operations. The BMW Group’s staff have helped build a castle, strengthening security from the outside in, and any activity within the network is on the secure side. Now, they are moving to a Zero Trust framework, which removes any implicit trust and requires each component, supplier, and authentication process to be thoroughly assessed and validated before being granted access. From this internal perspective, the main challenge is to upskill everybody in their team. It’s a completely different way to deploy infrastructure, which is now mainly done by code instead of requesting and installing a physical server. But the result for BMW Group customers is an almost invisible benefit that’s extremely meaningful. It was key not to have any downtime or business impacts, and company staff successfully and seamlessly deployed services for customers with the first bunch of domain controllers running on Azure, without those customers noticing or having to worry about where services were coming from. The group’s main measure of success is getting rid of all its on-premises components, including all on-premises servers and many supporting systems previously needed to offer and support BMW Group services. In doing so, the BMW Group will have all of its systems needed for Active Directory operation hosted on Azure. Achieving security goals and sharing cloud experiences across the business The BMW Group’s new highly secure architecture and DCasv5 confidential VMs touch every part of the business across the full life cycle of identities and are used by internal and external employees, large and strategic partners, and joint venture partners. Boosting security and safeguarding its platform were the company’s main goals and are now its main benefits. The BMW Group is heavily reducing its risk, with the main goal of making it very difficult for an attacker to get into its systems. Microsoft's geographically widespread Azure datacenters enhance businesses' ability to support local branches and plants, increasing service availability and distribution around the globe. Planned IT projects at the BMW Group include transitioning to DCasv6 VMs, the newest confidential VMs on Azure using 4th generation AMD EPYC processors, which will bring with them a 30% performance increase over what the company has already gained. IT specialists are also installing Windows Hello for Business on all client devices within the group, letting employees sign in and authenticate themselves using biometrics. With continued success moving its sensitive workloads to Azure, the BMW Group plans to share its experiences with other teams across the organization. It also wants to bring the benefits of its architecture to other core systems that have high demand for identity and access protection, with everything it’s done so far showing what’s possible for the future. Discover more about BMW Group on Facebook, Instagram, LinkedIn, X/Twitter, and YouTube.
Azure Confidential computing VM and OS disk encryption through HSM backed key CMK
Why Confidential Computing with HSM-Backed Keys Is Essential: In today’s cloud-first world, protecting sensitive data during processing is just as critical as securing it at rest or in transit. Azure Confidential Computing (ACC) Virtual Machines, when combined with Hardware Security Module (HSM)-backed Customer-Managed Keys (CMKs), provide a robust solution for organizations with strict security and compliance requirements. In this blog, we’ll explore a scenario and walk through a step-by-step solution to meet these advanced data protection needs. Scenario: Customer needs a highly sensitive application – May be its processing financial transactions, handling healthcare data or supporting a government workload. Customer demands not only high performance and isolation, but also complete encryption backed by Hardware Security Models (HSM) Solution: Components: Azure Confidential Computing Virtual Machine (ACC VM) Key Vault Premium (HSM Backed Key) Key Vault Key (CMK) Disk Encryption Set ACC VM with HSM CMK disk encryption Azure Confidential Computing (ACC) VMs are designed to protect data in use by performing computations in a hardware-based Trusted Execution Environment (TEE). This ensures that data remains secure even when it is being processed. Disk Encryption with HSM (Hardware Security Module) involves using HSM-backed keys stored in Azure Key Vault to encrypt the disks of your VMs. This provides an additional layer of security by ensuring that encryption keys are stored in a highly secure environment Importance of Confidential VMs Confidential VMs are crucial for organizations that handle sensitive data and require enhanced security measures. They provide the following benefits: Data Protection: Confidential VMs protect data in use, ensuring that it remains secure even during processing. Compliance: They help organizations meet regulatory and compliance requirements by providing robust security measures. Trust: By using hardware-based TEEs, Confidential VMs build trust with customers and stakeholders by ensuring that data is protected at all times Confidential VM Disk Encryption: Confidential VM OS Disk Encryption with Customer-Managed Keys (CMK) using Key Vault Premium tier backed Hardware Security Module (HSM) key provides enhanced security for virtual machines (VMs). This guide will walk you through the steps to configure confidential vm os disk Encryption with Key Vault Premium (HSM Backed Key) The following resources must be created in sequence to deploy Azure Confidential Computing (ACC) VMs with OS disk encryption using HSM-backed Customer-Managed Keys (CMKs) Key Vault with Premium Pricing Tier(HSM Backed Key) Disk Encryption Set utilizing HSM key Azure Confidential VM with Disk Encryption Set Prerequisites to create ACC VM 1. An Azure subscription. Free trial accounts don't support confidential VM. 2. To set up Confidential disk encryption with a customer-managed key, execute the command below to opt in the Confidential VM Orchestrator service principal to your tenant. Connect-Graph -Tenant "your tenant ID" Application.ReadWrite.All New-MgServicePrincipal -AppId bf7b6499-ff71-4aa2-97a4-f372087be7f0 -DisplayName "Confidential VM Orchestrator"New-MgServicePrincipal -AppId bf7b6499-ff71-4aa2-97a4-f372087be7f0 -DisplayName "Confidential VM Orchestrator" 3. Ensure that your subscription includes the following sizes, as Confidential VMs are supports these VM sizes only General Purpose without local disk: DCasv5-series, DCesv5-series General Purpose with local disk: DCadsv5-series, DCedsv5-series Memory Optimized without local disk: ECasv5-series, ECesv5-series Memory Optimized with local disk: ECadsv5-series, ECedsv5-series NVIDIA H100 Tensor Core GPU powered NCCadsH100v5-series 4. OS images for confidential VMs must meet specific security requirements to support a confidential OS disk encryption and ensure isolation from the underlying cloud infrastructure. Refer to the following link for the most up-to-date list of supported OS images for Azure Confidential Computing (ACC) VMs: OS Support Images Steps to Configure Azure Disk Encryption Set with Key Vault Supported HSM Step 1: Create a Key Vault with Premium Pricing Tier 1. Create Key Vault: Use the following command to create a Key Vault with the Premium pricing tier, which supports HSM-backed keys. az keyvault create --name <keyvaultName> --resource-group <resourceGroupName> --location <location> --sku premium --enable-rbac-authorization false 2. Enable Purge Protection: Enable purge protection to add an extra layer of security. az keyvault update --name <keyvaultName> --resource-group <resourceGroupName> --enable-purge-protection true 3. Configure Access Policy: Set the access policy to allow necessary permissions to user Manged identity. If you don’t have any user managed identity you can create one. az keyvault set-policy --name <keyvaultName> --object-id <user-managed-identity-object-id> --secret-permissions get list --key-permissions get list --certificate-permissions get list 4. Create HSM-backed Key: Create an HSM-backed CMK key in the Key Vault. az keyvault key create --vault-name <keyvaultName> --name <KeyName> --protection hsm Step 2: Create a Disk Encryption Set 1. Create Disk Encryption Set: Use the following command to create a Disk Encryption Set that will use the HSM-backed key. az disk-encryption-set create --resource-group <resourceGroupName> --name <diskEncryptionSetName> --key-url <https://<vaultEndpoint>/keys/<keyName>/<keyVersion>> --source-vault <KeyVaultName> 2. Grant Permissions: Grant necessary permissions to the Disk Encryption Set. az keyvault set-policy --name <keyvaultName> --resource-group <KeyVault Resource Group Name> --object-id $(az disk-encryption-set show --resource-group <rg of diskEncryptionSet> --name <diskEncryptionSetName> --query "identity.principalId" -o tsv) --key-permissions wrapKey unwrapKey get Best Practices Use Purge Protection: Always enable purge protection for your Key Vault to prevent accidental or malicious deletion of keys. Monitor and Audit: Continuously monitor and audit access to your Key Vault and encryption keys to detect any unauthorized access. By following these steps and best practices, you can ensure that your data is securely encrypted using Azure Disk Encryption with Key Vault's HSM-backed keys Step3: Azure Confidential Computing VM Creation and Disk Encryption with HSM Key Create the ACC VM: Use the following command to create an ACC VM and encrypt OS disk with diskEncryptionSet. az vm create --resource-group <RG of VM> --name <VM_Name> --image <Image name from supported list of os image ex. "Canonical:0001-com-ubuntu-confidential-vm-jammy:22_04-lts-cvm:latest"> --size <confidential vm supported size, ex. Standard_DC64ads_v5> --admin-username <UserName> --generate-ssh-keys --enable-vtpm true --public-ip-sku Standard --security-type ConfidentialVM --os-disk-security-encryption-type DiskWithVMGuestState --os-disk-encryption-set $(az disk-encryption-set show --resource-group <rg name diskEncryptionSet> --name <diskEncryptionSet name> --query id -o tsv) By following these steps, you can create an Azure Confidential Computing VM and encrypt its Operating System (OS disk) using the Disk Encryption Set created earlier. Common Questions for Azure Confidential virtual Machine 1. Custom Image can be used for confidential virtual machine (CVM)? Ans: Yes, custom image can use for CVM. Kindly refer => Create a custom image for Azure confidential VMs | Microsoft Learn 2. What Disk SKU and encryption can be used for OS, TEMP, and DATA Disks in CVM with CMK? Ans: For Azure Confidential VMs, the supported disk SKUs are primarily within the "DCasv5" and "ECasv5" series. Supported VM SKUs are => Azure Confidential VM options | Microsoft Learn Confidential OS disk encryption => About Azure confidential VMs | Microsoft Learn Confidential temp disk encryption => About Azure confidential VMs | Microsoft Learn 3. Is CVM Backup supported in Azure backup? Ans: Backup of ACC is not supported in Azure as of nowAnnouncing preview for the next generation of Azure Intel® TDX Confidential VMs
Today, we are excited to announce the preview of Azure’s next generation of Confidential Virtual Machines powered by the 5 th Gen Intel® Xeon® processors (code-named Emerald Rapids) with Intel® Trust Domain Extensions (Intel® TDX). This will help to enable organizations to bring confidential workloads to the cloud without code changes to applications. The supported SKUs include the general-purpose families DCesv6-series and the memory optimized families ECesv6-series. Confidential VMs are designed for tenants with high security and confidentiality requirements, providing a strong, attestable, hardware-enforced boundary. They ensure that your data and applications stay private and encrypted even while in use, keeping your sensitive code and other data encrypted in memory during processing. Improvements Azure’s next generation of confidential VMs will bring improvements and new features compared to our previous generation. These VMs are our first offering to utilize our open-source paravisor, OpenHCL. This innovation allows us to enhance transparency with our customers, reinforcing our commitment to the "trust but verify" model. Additionally, our new confidential VMs support Azure Boost, enabling up to 205k IOPS and 4 GB/s throughput of remote storage along with 54 GBps VM network bandwidth. We are expanding the capabilities of our Intel® TDX powered confidential VMs by incorporating features from our general purpose and other confidential VMs. These enhancements include Guest Attestation support, and support of Intel® Tiber™ Trust Authority for enterprises seeking operator independent attestation. Offerings The DCesv6-series VMs are designed to offer a balance of memory to vCPU ratio, with up to 128 vCPUs, and up to 512 GiB of memory. The ECesv6-series VMs are designed to offer an even higher memory to vCPU ratio, with up to 64 vCPUs, and 512 GiB of memory. Availability The DCesv6-series and ECesv6-series preview is available now in the East US, West US, West US 3 and West Europe regions. Supported OS images include Windows Server 2025, Windows Server 2022, Ubuntu 22.04, and Ubuntu 24.04. Please sign up at aka.ms/acc/v6preview and we will reach out to you.
Price reduction and upcoming features for Azure confidential ledger!
Effective March 1, 2025, you can keep your records in Azure confidential ledger (ACL) at the reduced price of ~$3/day per instance! The reduced price is for the computation and the ledger use. The price of any additional storage used will remain unchanged. To tamper protect your records: Automatically create hash (e.g. MD5 or SHA256) of your blob storage data and keep those in Azure confidential ledger. For forensics, you can verify the integrity of the data against the signature in ACL. Imagine doing this as you are migrating data from one system to another, or when you restore archived records from cold storage. It is also valuable when there is a need to protect from insider/administrator risks and confidently report to authorities. If you keep your data in Azure SQL database, you can use their security ledger feature to auto generate record digests and store them in confidential ledger for integrity protection and safeguarding. You can use the SQL stored procedure to verify that no tampering or administrator modifications occurred to your SQL data! In addition, we are announcing the preview of User Defined Functions for Azure confidential ledger. Imagine doing a schema validation before writing data to the Ledger or using pattern matching to identify sensitive information in log messages and perform data massaging to mask it. To increase your awareness, request access for this preview via the sign-up form. Get started by reading our documentation and trying out confidential ledger yourself! _____________________________________________________________________________________________________ What is Azure confidential ledger and what is the change? It is a tamper protected and auditable data store backed by a Merkle tree blockchain structure for sensitive records that require high levels of integrity protection and/or confidentiality. While customers from AI, financial services, healthcare, and supply chain continue to use the ledger for their business transaction’s archival needs and confidential data’s unique identifiers for audit purposes, we are acting on their feedback for scaling ledgers to more of their workloads with a more competitive price! How can I use Azure confidential ledger? - Azure SQL database ledger customers can enable confidential ledger as its trusted digest store to uplevel integrity and security protection posture - Azure customers who use blob storage have found value in migrating their workloads to Azure with a tamper protection check via the Azure confidential ledger Marketplace App. - Azure customers who use data stores and databases (e.g. Kusto, Cosmos, and Log Analytics) may benefit from auditability and traceability of logs being kept in the confidential ledger with new compliance certifications in SOC 2 Type 2 and ISO27001. How much does Azure confidential ledger cost? - Approximately $3/day/ledger _____________________________________________________________________________________________________ Resources Explore the Azure confidential ledger documentation Read the blog post on: Integrity protect blob storage Read the blog post on: How to choose between ledger in Azure SQL Database and Azure Confidential Ledger Read the blog post on: Verify integrity of data transactions in Azure confidential ledger View our recent webinar in the Security Community Recent case studies: HB Antwerp & BeekeeperAI
Confidential Temp Disk Encryption for Confidential VMs in Public Preview
We are announcing the public preview of confidential temp disk encryption for confidential VMs. Until recently, confidential encryption has only been available for OS disks. It binds the disk encryption keys to the virtual machine’s TPM (Trusted Platform Module) and makes the disk content accessible only to the VM. With this release, we are extending this protection by enabling encryption of the temp disk, using in-VM symmetric key encryption technology, after the disk is attached to the confidential VM (CVM).
