Quickstart: Creating a Confidential VM instance

This page guides you through setting up a new Confidential VMs instance using the Google Cloud Console. To learn how to set up a new Confidential VMs instance using gcloud or the Compute Engine API, see Creating a Confidential VMs instance.

Before you begin

  1. Connectez-vous à votre compte Google.

    Si vous n'en possédez pas déjà un, vous devez en créer un.

  2. Dans Cloud Console, sur la page de sélection du projet, sélectionnez ou créez un projet Cloud.

    Accéder à la page de sélection du projet

  3. Vérifiez que la facturation est activée pour votre projet Google Cloud. Découvrez comment vérifier que la facturation est activée pour votre projet.

  4. Enable the Compute Engine API.

    Enable Compute Engine API

Create the Confidential VM instance

  1. In the Cloud Console, go to the VM Instances page.

    Go to the VM Instances page

  2. Click Create instance.
  3. Click CPU platform and GPU to expand the section.

  4. Leave CPU Platform set to Automatic.
  5. Select the Confidential VM Service checkbox.

  6. A message appears letting you know the settings that will be changed if you enable the service. Click Enable.

The default OS boot disk changes to Ubuntu 18.04 LTS. To change the boot disk to a different OS, click Change to select one of the supported OSes for Confidential VMs.

For the purposes of this quickstart, you can keep the remaining options at their default values or make any changes you might want. When you're done, click Create.

Connect to your instance

  1. In the Cloud Console, go to the VM Instances page.

    Go to the VM Instances page

  2. In the list of virtual machine instances, click SSH in the row of the instance that you want to connect to.

You now have a terminal window for interacting with your Confidential VMs instance.

Verify that AMD SEV is enabled

To verify that the newly created Confidential VMs instance is using AMD SEV, run the following command after you've connected to the instance:

dmesg | grep SEV | head

If AMD SEV is enabled, you'll see a response like the following:

[    0.290272] AMD Secure Encrypted Virtualization (SEV) active

To learn how to obtain more detailed information about the state of the Confidential VMs instance by examining Cloud Monitoring integrity validation events, see Validating Confidential VMss using Cloud Monitoring.

Clean up

To avoid incurring charges to your Google Cloud account for the resources used in this quickstart, follow these steps.

  1. Dans Cloud Console, accédez à la page Instances de VM.

    Accéder à la page Instances de VM

  2. Cochez la case correspondant à à l'instance que vous souhaitez supprimer.
  3. Cliquez sur Supprimer  pour supprimer l'instance.

What's next