Azure Confidential Computing with AMD VMs

[German]Microsoft has released an initial preview of Azure DCasv5/ECasv5 (confidential virtual machines with AMD SEV-SNP VM isolation) powered by third-generation AMD EPYC™ processors with SEV-SNP.


AMD SEV-SNP VM Isolation

AMDs Secure Encrypted Virtualization (SEV) is a technology introduced in 2016 to encrypt virtual machine memory. AMD has published a white paper (PDF) here. This allows to isolate the virtual machine (VM) from the hypervisor. Later, SEV-SNP (SNP stands for Secure Nested Paging) was added. This AMD page still has an overview ready.

Azure with AMD SEV-SNP

The other day I came across Microsoft's announcement via Twitter with the topic Expanding Azure Confidential Computing with new AMD-based confidential VMs by Mark Russinovich.

In a tech community post, Microsoft announced the public preview (preview) of Azure DCasv5/ECasv5 confidential virtual machines (VMs) powered by 3rd generation AMD EPYC™ processors with SEV-SNP. Microsoft writes that these new VMs provide an easy way to deploy confidential workloads, and do so without requiring any changes to existing applications or code.

The workloads are enabled on the same hardware configuration as general-purpose virtual machines and offer performance features that allow customers to run general-purpose workloads while meeting desired confidentiality and performance requirements. AMD recently released several benchmarks of these confidential Azure VMs. Microsoft writes:


Azure's new AMD-based confidential VMs are designed to ensure confidentiality not only between different cloud customers, but also between customers and the cloud itself.

These hardware-encrypted virtual machines feature integrity-protected full-state encryption and advanced hardware security based on AMD's advanced Secure Encrypted Virtualization (SEV) security feature and, in particular, Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP).

Using the techniques, AMD SEV-SNP protects the guest by denying the hypervisor and other host management code access to VM memory and state, protecting against access by cloud operators. Combined with Azure Full Disk Encryption and Azure Managed HSM, customer code and data are encrypted in use, in transit and at rest with encryption keys that are protected and can be controlled by the customer. The VM in its entirety benefits from a strong layer of protection reinforced by hardware.

Cookies helps to fund this blog: Cookie settings

This entry was posted in Cloud, Security, Virtualization and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *