Azure offers trusted launch as a seamless way to improve the security of Gen 2 virtual machines (VMs) by protecting against advanced and persistent attack techniques. Trusted launch is composed of several coordinated infrastructure technologies that can be enabled independently. Each technology provides another layer of defense against sophisticated threats.
Trusted launch preview in Azure Kubernetes Service (AKS) enables administrators to deploy AKS nodes, which contain the underlying virtual machines, with verified and signed bootloaders, OS kernels, and drivers. By using secure and measured boot, administrators gain insight into, and confidence in, the integrity of the entire boot chain and can ensure workloads are trusted and verifiable.