This page shows you the full set of options for creating a Confidential VM instance. To see the quickest way to create a Confidential VM, see the quickstart. To learn about Confidential VM's features and concepts, see Confidential VM and Compute Engine.
Considerations
Confidential VM does not support live migration.
You can only enable Confidential Computing on a VM when you first create the instance.
Check which regions and zones support Confidential VM.
Before you begin
- Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.
- In the Google Cloud console, on the project selector page, select or create a Google Cloud project.
- Make sure that billing is enabled for your Cloud project. Learn how to check if billing is enabled on a project.
- Enable the Compute Engine API.
- Optional: To use the Google Cloud CLI examples in this guide:
- Install or update to the latest version of the Google Cloud CLI.
- Set a default region and zone for your client that supports Confidential VM.
- Optional: To use the API examples in this guide, set up authorization for your requests. Learn more about OAuth 2.0.
Create a Confidential VM instance
To create a Confidential VM, complete the following steps.
Console
In the Google Cloud console, go to the VM Instances page.
Select Create instance.
In the Confidential VM service section, click Enable.
In the Enable Confidential Computing dialog, review the list of settings that are updated when you enable the service. They can include the following fields, if they were set to incompatible values.
- Series and Machine type. Learn more about supported machine types.
- Region and zone. Learn more about supported regions.
- Boot disk image. Learn more about supported operating systems and images.
- On host maintenance. Learn more about availability policies.
- Network interface card. Learn more about Google Virtual NIC.
Click Enable.
(Optional) Using the AMD EPYC Milan processor
To set your instance to the AMD EPYC Milan processor, go to the Machine configuration section. Expand CPU Platform and GPU, and then select AMD Milan or later. Learn more about Compute Engine and AMD EPYC Milan processors.
Verify that you are satisfied with these settings, and then click Create.
You return to the VM instances page where you can view the status and details for your new instance. When the status icon appears under Status, your new Confidential VM is ready to use.
gcloud
To create a Confidential VM instance with the gcloud CLI, use the instances create subcommand with the --confidential-compute flag. You must also set the --maintenance-policy flag to TERMINATE because Confidential VM does not support live migration.
gcloud compute instances create INSTANCE_NAME \
--machine-type "MACHINE_TYPE" --zone "ZONE_NAME" \
--confidential-compute --maintenance-policy=TERMINATE \
--image-family=IMAGE_NAME \
--image-project=IMAGE_PROJECT
Where:
- INSTANCE_NAME is the name of the new instance.
- MACHINE_TYPE is the Confidential VM-supported machine type.
- ZONE_NAME is the Confidential VM-supported zone in which to create the instance.
- IMAGE_NAME is the Confidential VM-supported image.
- IMAGE_PROJECT is the project containing the image.
Using the AMD EPYC Milan processor
To set your instance to the AMD EPYC Milan processor, include the --min-cpu-platform="AMD Milan" flag in the gcloud compute instances create command. Learn more about Compute Engine and AMD EPYC Milan processors.
The following example command creates an n2d-standard-16-type instance called "example-instance" in the us-central1-f zone:
gcloud compute instances create example-instance \
--machine-type "n2d-standard-16" --zone "us-central1-f" \
--confidential-compute --maintenance-policy=TERMINATE \
--image="example-cvm-image" \
--image-project="public-image-project"
API
To create a Confidential VM using the Compute Engine API, post a creation request to the Instances REST resource. In the request, set enableConfidentialCompute to true. You must also set onHostMaintenance to TERMINATE because Confidential VM does not support live migration.
POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/zones/ZONE_NAME/instances
{
  "machineType": "zones/ZONE_NAME/machineTypes/MACHINE_TYPE",
  "name": "INSTANCE_NAME",
  "minCpuPlatform": "MIN_CPU_PLATFORM",
  "confidentialInstanceConfig": {
    "enableConfidentialCompute": true
  },
  "scheduling": {
    "automaticRestart": true,
    "nodeAffinities": [],
    "onHostMaintenance": "TERMINATE",
    "preemptible": false
  }
  ...
}
Where:
- PROJECT_ID is your project identifier.
- ZONE_NAME is the zone in which to create the instance.
- MACHINE_TYPE is a N2D or C2D machine type.
- INSTANCE_NAME is the name of the new instance.
- MIN_CPU_PLATFORM is the minimum CPU platform. Optional.
Using the AMD EPYC Milan processor
To set your instance to the AMD EPYC Milan processor, set MIN_CPU_PLATFORM to "AMD Milan". Learn more about Compute Engine and AMD EPYC Milan processors.
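The request body above is easy to get subtly wrong (for example, an instance that is confidential but still set to MIGRATE is rejected, and a non-confidential machine family silently breaks the intent). The following Python is an added example, not code from the page or from Google; it builds the insert body with the two settings this page requires and then audits any instance resource (the body itself, or the JSON returned by instances.get or `gcloud compute instances describe --format=json`) for those settings. The image path, project, zone and the NON_CONFIDENTIAL_SAMPLE resource are constructed placeholders; the `disks` and `networkInterfaces` fields are the standard Compute Engine fields for a boot disk and a gVNIC interface and are not discussed on this page.

```python
import json

# Machine-type families this page lists as supported by Confidential VM (N2D, C2D).
CONFIDENTIAL_FAMILIES = ("n2d", "c2d")


def build_confidential_instance_body(zone, machine_type, instance_name, source_image,
                                     min_cpu_platform=None):
    """Return an instances.insert request body carrying the two settings this
    page requires: enableConfidentialCompute=true and onHostMaintenance=TERMINATE.
    source_image is a full image path such as
    projects/IMAGE_PROJECT/global/images/IMAGE_NAME (placeholders, not real images)."""
    body = {
        "name": instance_name,
        "machineType": f"zones/{zone}/machineTypes/{machine_type}",
        "confidentialInstanceConfig": {"enableConfidentialCompute": True},
        "scheduling": {
            "automaticRestart": True,
            "nodeAffinities": [],
            "onHostMaintenance": "TERMINATE",  # live migration is unsupported
            "preemptible": False,
        },
        "disks": [{"boot": True, "autoDelete": True,
                   "initializeParams": {"sourceImage": source_image}}],
        # gVNIC: the NIC type Confidential VM uses and the one Tier 1 bandwidth needs.
        "networkInterfaces": [{"network": "global/networks/default", "nicType": "GVNIC"}],
    }
    if min_cpu_platform:  # e.g. "AMD Milan" to pin the EPYC Milan platform
        body["minCpuPlatform"] = min_cpu_platform
    return body


def audit_instance(resource):
    """Check an instance resource (an insert body, or the JSON returned by
    instances.get / `gcloud compute instances describe --format=json`) against the
    settings this page requires. Returns a list of findings; empty means compliant."""
    findings = []
    cic = resource.get("confidentialInstanceConfig") or {}
    if cic.get("enableConfidentialCompute") is not True:
        findings.append("enableConfidentialCompute is not true")
    maintenance = (resource.get("scheduling") or {}).get("onHostMaintenance")
    if maintenance != "TERMINATE":
        findings.append(f"onHostMaintenance is {maintenance!r}, expected 'TERMINATE'")
    # machineType may be a full URL or a zones/... path; keep only the last segment.
    machine_type = (resource.get("machineType") or "").rsplit("/", 1)[-1]
    family = machine_type.split("-", 1)[0]
    if family not in CONFIDENTIAL_FAMILIES:
        findings.append(f"machine type {machine_type!r} is not an N2D or C2D type")
    return findings


# Constructed sample of a non-confidential instance resource (not a real describe).
NON_CONFIDENTIAL_SAMPLE = {
    "name": "legacy-instance",
    "machineType": "https://www.googleapis.com/compute/v1/projects/example-project/"
                   "zones/us-central1-f/machineTypes/n2-standard-4",
    "scheduling": {"automaticRestart": True, "onHostMaintenance": "MIGRATE",
                   "preemptible": False},
}

if __name__ == "__main__":
    body = build_confidential_instance_body(
        "us-central1-f", "n2d-standard-16", "example-instance",
        "projects/public-image-project/global/images/example-cvm-image", "AMD Milan")
    print(json.dumps(body, indent=2))
    print("findings for new body:", audit_instance(body))
    print("findings for legacy sample:", audit_instance(NON_CONFIDENTIAL_SAMPLE))
```

Because Confidential Computing can only be enabled at creation time, the audit is most useful run over the output of `gcloud compute instances list --format=json` after the fact: any instance it flags has to be recreated rather than patched.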
Enabling higher network bandwidth for C2D machine types
The three largest C2D Compute Engine VM shapes (32, 56, and 112) support high-bandwidth networking. When you select a Tier 1 network bandwidth configuration, the egress bandwidth increases from the default 32 Gbps to 50 or 100 Gbps. To achieve the higher Tier 1 bandwidth speeds, the instance must be running the gVNIC virtual network driver. Learn more about configuring a VM with higher bandwidth.
Verify AMD SEV is enabled
Confidential VM uses AMD Secure Encrypted Virtualization (SEV). To verify that Confidential Computing is enabled, you may be able to use dmesg logs to verify that AMD SEV is active for your VM. Depending on the Linux distribution and other software installed on the guest, dmesg logs might be maintained differently. For definitive guidance about how to query dmesg logs, refer to the documentation for the Linux distribution.
To verify that AMD SEV is active for your VM, complete the following steps to connect to your instance, and then view the dmesg log.
In the Google Cloud console, go to the VM Instances page.
In the table on the Instances tab, find the row for your new Confidential VM instance.
To open a terminal window for interacting with your Confidential VM instance, click SSH in the same row.
On some Linux distributions, you might be able to verify that the Confidential VM instance is using AMD SEV by running the following dmesg command in the terminal window:
dmesg | grep SEV | head
You should receive a response that AMD Secure Encrypted Virtualization (SEV) is active.
To learn how to obtain more detailed information about the state of the Confidential VM instance by examining Cloud Monitoring integrity validation events, see Validating Confidential VM instances using Cloud Monitoring.
Verify the identity token of a Confidential VM
Before sending any sensitive information to the VM instance, your applications can request the VM's unique identity token from the metadata server. The identity token includes details about an instance such as the instance ID, creation time, and license codes for the instance's images. The token also contains a claim to verify whether the VM is confidential. For a Confidential VM, the instance_confidentiality claim has a value of 1.
To learn how to obtain and decode the identity token of a VM, see Verifying the identity of an instance.
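The following Python is an added example, not code from this page or from Google, showing the decoding half of that check: it splits a compact JWT, base64url-decodes the payload, and looks for the instance_confidentiality claim the page names. Signature verification against Google's published certificates is deliberately left to the caller and must happen before any claim is trusted; this block only interprets an already-verified payload. The nesting of the Compute Engine claims under "google" -> "compute_engine" and the sibling claim names are assumptions about the token layout, and every value in SAMPLE_PAYLOAD, together with the header key ID and the signature segment produced by make_sample_token, is constructed for the demonstration.

```python
import base64
import json


def _b64url_decode(segment):
    """Decode one base64url JWT segment, restoring the '=' padding that JWTs strip."""
    segment += "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment)


def decode_jwt_payload(token):
    """Split a compact JWT (header.payload.signature) and return the payload dict.
    This does NOT verify the signature: verify it against Google's certificates
    first, then call this on the trusted token."""
    header_b64, payload_b64, _signature_b64 = token.split(".")
    return json.loads(_b64url_decode(payload_b64))


def find_claim(payload, name):
    """Return the value of the first claim called `name`, searching nested
    objects depth-first, or None if absent. Google nests the Compute Engine
    claims under google -> compute_engine (assumed layout); searching by name
    keeps the check independent of that exact path."""
    if isinstance(payload, dict):
        if name in payload:
            return payload[name]
        for value in payload.values():
            found = find_claim(value, name)
            if found is not None:
                return found
    return None


def is_confidential(payload):
    """True only when the instance_confidentiality claim is present and equals 1."""
    return find_claim(payload, "instance_confidentiality") == 1


def make_sample_token(payload):
    """Build an UNSIGNED token (constructed for offline demonstration only) so the
    decoder can be exercised without a metadata server. Real tokens are RS256-signed."""
    header = {"alg": "RS256", "kid": "placeholder-key-id", "typ": "JWT"}

    def enc(obj):
        raw = json.dumps(obj, separators=(",", ":")).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

    return f"{enc(header)}.{enc(payload)}.placeholder-signature"


# Constructed payload (not a real token): mirrors the details this page says the
# token carries (instance ID, creation time, license codes) plus the confidentiality claim.
SAMPLE_PAYLOAD = {
    "aud": "https://example.invalid/verifier",
    "google": {
        "compute_engine": {
            "instance_confidentiality": 1,
            "instance_id": "1234567890123456789",
            "instance_creation_timestamp": 1700000000,
            "license_id": ["placeholder-license-code"],
            "project_id": "example-project",
            "zone": "us-central1-f",
        }
    },
}

if __name__ == "__main__":
    token = make_sample_token(SAMPLE_PAYLOAD)
    payload = decode_jwt_payload(token)
    print("confidential:", is_confidential(payload))
    print("zone:", find_claim(payload, "zone"))
```

In production the application would fetch the token from the metadata server with an audience it chose, verify the RS256 signature and the `aud` claim, and only then gate the release of secrets on `is_confidential` returning True; a missing claim, a value of 0, or a token for an unexpected project or zone should all be treated as "not confidential".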
What's next
- Learn how to obtain more detailed information about the state of the Confidential VM instance by examining Cloud Monitoring integrity validation events.
- Learn about the key concepts and terminology for Confidential VM.