Azure AMD-based confidential VMs (DCadsv5-series, DCasv5-series, ECadsv5-series, and ECasv5-series) are now generally available in the Italy North, Germany West Central, and UAE North regions. This brings these confidential VM SKUs to a total of 12 regions worldwide:
-
North America: East US, West US.
-
EMEA: Switzerland North, Italy North, North Europe, West Europe, Germany West Central, UAE North.
-
Asia: Japan East, Central India, East Asia, Southeast Asia.
These confidential VMs provide a strong, hardware-enforced boundary that hardens the protection of the guest OS against host operator access and other Azure tenants. These VMs are designed to help ensure that data in use, in memory, is protected from unauthorized users using encryption keys generated by the underlying chipset and inaccessible to Azure operators. These features are included with all Azure confidential VMs:
-
Ability to lift and shift workloads to a confidential environment without needing to take any dependencies on any confidential computing libraries.
-
In-memory encryption of data with a hardware based dedicated key per VM helping to guard against attacks from a malicious OS, or Hypervisor components.
-
Support for remote attestation to enable a relying party to verify that a service is running in a TEE before processing any sensitive data.
To learn more about confidential VMs, read the documentation. To check the latest regional availability of these VMs visit the Products available by region page for virtual machines.