We're excited to announce Windows Virtual Desktop support for Azure Trusted Launch! Trusted Launch is currently in Public Preview, and is a Gen2 Azure VM with enhanced security features such as secure boot, vTPM, virtualization-based security, Windows Defender Credential Guard, and Hypervisor-Protected Code Integrity.
The capability to deploy a Trusted Launch VM through the host pool creation process has not been enabled yet. To try out Trusted Launch in WVD, you will need to deploy a Trusted Launch VM normally and then manually add the VM to your desired host pool through the following steps:
Generate a new registration key for your host pool
RDP into your Trusted Launch VM
Download the Windows Virtual Desktop Agent and Windows Virtual Desktop Agent bootloader from here.
Install the Windows Virtual Desktop Agent on your VM and when prompted for the registration key, enter the one generated in step 1.
Install the Windows Virtual Desktop Agent bootloader on your VM.
The VM will now show up as a session host in your host pool. Sometimes the session host will show up as unavailable initially, this most likely means it's updating to the latest agent.
For WVD's official support statement for Trusted Launch, please visit our documentation found here. If you want to learn more about Trusted Launch and its various capabilities, documentation for Trusted Launch can be found here.