Create custom Confidential VM images

You can create a Confidential VM instance based on your own custom Linux image. This is the same process as creating a custom Linux image for Compute Engine, with additional requirements.

Confidential VM custom image requirements

Make sure to follow these requirements when building a custom image for a Confidential VM instance.

AMD SEV and SEV-SNP-related Linux kernel patches

The minimum kernel version required for Confidential VM differs depending on the technology you need.

  • For SEV, use kernel version 5.4 or later.

  • For SEV with live migration, use kernel version 6.6 or later. If you need a long-term support (LTS) kernel, use 6.1 LTS or later.

  • For SEV-SNP (Preview), use kernel version 6.1 LTS or later.

Additionally, make sure the following kernel options are enabled:

  • CONFIG_AMD_MEM_ENCRYPT

  • CONFIG_NET_VENDOR_GOOGLE

  • CONFIG_PCI_MSI

  • CONFIG_GVE

  • CONFIG_SWIOTLB

If you need to use earlier kernel versions, you might need to do additional work to install device drivers.

Google Virtual Network Interface Controller (gVNIC) device driver

Use version 1.01 or later of the gVNIC driver. For additional instructions, see Using Google Virtual NIC.

NVMe interface

Persistent disks and attached SSDs are presented to the guest operating system over NVMe, so the NVMe interface must be available during boot.

The kernel, and the initramfs image if one is used, must include the NVMe driver so that the root filesystem can be mounted.

Operating system feature tags

Confidential VM instance creation requires that the image carries the guest OS feature tag that matches the technology you use: SEV_CAPABLE for SEV, SEV_LIVE_MIGRATABLE_V2 for SEV with live migration, or SEV_SNP_CAPABLE for SEV-SNP.

See Enable guest operating system features on custom images to learn how to add a tag with the --guest-os-features flag.
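The checks above are easy to get wrong when a kernel is built by hand, so the following script ties them together. It is an added example, not Google's tooling: it verifies the required kernel options against a .config file (treating =y and =m as enabled), applies the per-technology kernel version minimums, including the 6.1 LTS exception for live migration, and prints (without running) the gcloud compute images create command with the matching feature tag. The technology names sev, sev-live-migration and sev-snp, the helper names, and the sample configs are constructed for the example; CONFIG_BLK_DEV_NVME is assumed to be the upstream Kconfig symbol for the NVMe host driver the page requires, and is not listed on the page itself.

```shell
#!/bin/sh
# Pre-flight checks for a kernel headed into a Confidential VM custom image.
# Added example, not Google's tooling. Assumes you have the kernel's .config
# (or /boot/config-<version>) and a technology name of sev,
# sev-live-migration or sev-snp. The sample configs below are constructed.

# Options the page requires; =y (built in) and =m (module) both satisfy them.
REQUIRED_OPTS="CONFIG_AMD_MEM_ENCRYPT CONFIG_NET_VENDOR_GOOGLE CONFIG_PCI_MSI CONFIG_GVE CONFIG_SWIOTLB"
# Kconfig symbol for the NVMe host driver the page says must be present
# (assumption: standard upstream symbol name, not listed on the page).
NVME_OPT="CONFIG_BLK_DEV_NVME"

# config_has FILE OPTION -> 0 when OPTION=y or OPTION=m appears in FILE.
config_has() {
    grep -Eq "^$2=(y|m)$" "$1"
}

# check_kernel_config FILE -> 0 when every required option is enabled;
# otherwise lists the missing ones on stderr and returns 1.
check_kernel_config() {
    missing=""
    for opt in $REQUIRED_OPTS $NVME_OPT; do
        config_has "$1" "$opt" || missing="$missing $opt"
    done
    [ -z "$missing" ] && return 0
    echo "missing or disabled:$missing" >&2
    return 1
}

# version_ge A B -> 0 when dotted version A is at least B (numeric per field,
# so 6.10 sorts above 6.6).
version_ge() {
    lowest="$(printf '%s\n%s\n' "$1" "$2" | sort -t. -k1,1n -k2,2n -k3,3n | head -n1)"
    [ "$lowest" = "$2" ]
}

# kernel_ok VERSION TECH -> 0 when VERSION meets the page's minimum for TECH.
# Accepts uname -r style strings such as 6.6.13-1-cloud-amd64.
kernel_ok() {
    v="${1%%-*}"
    mm="$(printf '%s\n' "$v" | cut -d. -f1,2)"
    case "$2" in
        sev)                version_ge "$v" 5.4 ;;
        sev-snp)            version_ge "$v" 6.1 ;;
        # Live migration: 6.6 or later, or the 6.1 LTS series specifically,
        # so 6.2 through 6.5 do not qualify.
        sev-live-migration) [ "$mm" = "6.1" ] || version_ge "$v" 6.6 ;;
        *) echo "unknown technology: $2" >&2; return 2 ;;
    esac
}

# feature_tag_for TECH -> the guest OS feature tag the image must carry.
feature_tag_for() {
    case "$1" in
        sev)                echo SEV_CAPABLE ;;
        sev-live-migration) echo SEV_LIVE_MIGRATABLE_V2 ;;
        sev-snp)            echo SEV_SNP_CAPABLE ;;
        *) return 1 ;;
    esac
}

# image_create_cmd IMAGE DISK ZONE TECH -> prints (does not run) the gcloud
# command that registers the image with the matching feature tag.
image_create_cmd() {
    tag="$(feature_tag_for "$4")" || return 1
    printf 'gcloud compute images create %s --source-disk=%s --source-disk-zone=%s --guest-os-features=%s\n' \
        "$1" "$2" "$3" "$tag"
}

# Constructed sample configs for the demonstration (not real kernel builds).
WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT
GOOD_CFG="$WORK/config-good"
BAD_CFG="$WORK/config-bad"
cat >"$GOOD_CFG" <<'EOF'
CONFIG_AMD_MEM_ENCRYPT=y
CONFIG_NET_VENDOR_GOOGLE=y
CONFIG_PCI_MSI=y
CONFIG_GVE=m
CONFIG_SWIOTLB=y
CONFIG_BLK_DEV_NVME=y
EOF
# Same kernel with SEV support and gve disabled, written the way a
# disabled option appears in a .config.
cat >"$BAD_CFG" <<'EOF'
# CONFIG_AMD_MEM_ENCRYPT is not set
CONFIG_NET_VENDOR_GOOGLE=y
CONFIG_PCI_MSI=y
# CONFIG_GVE is not set
CONFIG_SWIOTLB=y
CONFIG_BLK_DEV_NVME=m
EOF

if check_kernel_config "$GOOD_CFG" && kernel_ok "6.1.90-1-cloud-amd64" sev-live-migration; then
    image_create_cmd cvm-debian-custom cvm-build-disk us-central1-a sev-live-migration
fi
check_kernel_config "$BAD_CFG" || echo "rejected: fix the kernel config before building the image" >&2
```

Run it against the real artifacts by replacing the constructed files with your kernel's .config and "$(uname -r)" from the build; the initramfs still needs a separate look (for example with lsinitramfs or lsinitrd) when the NVMe driver is built as a module rather than into the kernel.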

What's next

Learn more about using operating system images to create boot disks for Compute Engine instances.