A Confidential Virtual Machine (Confidential VMs) is a type of N2D Compute Engine VM running on hosts based on the second generation of AMD Epyc processors, code-named "Rome." Using AMD Secure Encrypted Virtualization (SEV), Confidential VMs optimizes both performance and security for enterprise-class high memory workloads, and includes inline memory encryption that doesn't introduce significant performance penalty to those workloads.
These capabilities allow you to keep your data and apps encrypted at all times, including while processing sensitive data in memory. Google does not have access to the encryption keys. Along with encryption of data in transit and at rest using customer-managed encryption keys (CMEK) and customer-supplied encryption keys (CSEK), Confidential VMs adds a "third pillar" to the end-to-end encryption story by encrypting data while in use. In addition, Confidential VMs can help alleviate concerns about risk related to either dependency on Google infrastructure or Google insiders' access to customer data in the clear.
You can select the Confidential VMs service when creating a new VM
using the Google Cloud Console, the Compute Engine Beta API, or the
The AMD Rome processor family is specifically optimized for compute-heavy workloads, with high memory capacity, high throughput, and support for parallel workloads. In addition, AMD SEV provides for Confidential Computing support.
AMD SEV offers high performance for the most demanding computational tasks, while keeping all memory encrypted with a dedicated per-VM instance key that is generated by hardware. These keys are generated by the AMD Platform Security Processor (PSP) during VM creation and reside solely within the processor. These keys are not accessible by Google.
Security and privacy features
With the confidential execution environments provided by Confidential VMs and AMD SEV, Google Cloud keeps customers' sensitive code and other data encrypted in memory during processing.
Memory encryption ensures that data is encrypted while it's in RAM. Main memory encryption is performed using dedicated hardware within the on-die memory controllers. Each controller includes a high-performance Advanced Encryption Standard (AES) engine. The AES engine encrypts data as it is written to DRAM or shared between sockets, and decrypts it when data is read. This makes the content of the memory more resistant to memory snooping and cold boot attacks.
- To quickly get started creating a new Confidential VMs instance, see Quickstart: Creating a Confidential VMs instance.
- For in-depth instructions about how to create a new Confidential VMs instance, see Creating a Confidential VMs instance.
- To learn about monitoring the state of your Confidential VMs instance, see Validating Confidential VMss using Cloud Monitoring.