Verify Confidential Computing is enabled

There are multiple ways to verify that Confidential Computing is enabled for a VM instance.

gcloud

Run the following command to determine which Confidential Computing technology your Confidential VM is using:

gcloud compute instances describe INSTANCE_NAME \
    --zone=ZONE_NAME \
    --format="yaml(confidentialInstanceConfig)"

Provide the following values:

  • INSTANCE_NAME: The Confidential VM instance name.

  • ZONE_NAME: The zone the Confidential VM instance is operating in.

You receive one of the following responses if your VM instance is using AMD SEV:

confidentialInstanceConfig:
  enableConfidentialCompute: true

confidentialInstanceConfig:
  confidentialInstanceType: SEV

You receive one of the following responses if your VM instance is using AMD SEV-SNP or Intel TDX:

confidentialInstanceConfig:
  confidentialInstanceType: SEV_SNP

confidentialInstanceConfig:
  confidentialInstanceType: TDX

dmesg

To determine which Confidential Computing technology your Confidential VM is using, you can also inspect the kernel log (dmesg) from inside the VM, provided the guest kernel logged its memory encryption features at boot.

To check if your dmesg logs contain Confidential Computing information, use SSH to connect to your VM and run dmesg:

  1. In the Google Cloud console, go to the VM Instances page.

  2. In the table on the Instances tab, find the row for your Confidential VM instance.

  3. To open a terminal window for interacting with your Confidential VM instance, click SSH in the same row.

  4. Run the following command:

    sudo dmesg | grep -i "Encryption Features active"

If your VM is using AMD SEV, the response should be similar to the following example:

Memory Encryption Features active: SEV

If your VM is using AMD SEV-SNP, the response should be similar to the following example:

Memory Encryption Features active: SEV SEV-ES SEV-SNP

If your VM is using Intel TDX, the response should be similar to the following example:

Memory Encryption Features active: Intel TDX
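The gcloud output and the dmesg banner describe the same VM from two vantage points: the control plane's configuration and the guest kernel's own view. The following Python is an added example (not code from this page or from Google) that parses both shapes shown above and flags a mismatch between them, which is the check a practitioner actually wants when confirming a deployment. The gcloud and dmesg samples are constructed inline in the forms the page documents; the script never calls gcloud or dmesg itself.

```python
import re

# Constructed sample outputs in the shapes this page shows (not captured from a real VM).
GCLOUD_SNP = """confidentialInstanceConfig:
  confidentialInstanceType: SEV_SNP
"""
GCLOUD_LEGACY_SEV = """confidentialInstanceConfig:
  enableConfidentialCompute: true
"""
DMESG_SEV = "[    0.000000] Memory Encryption Features active: SEV"
DMESG_SNP = "[    0.000000] Memory Encryption Features active: SEV SEV-ES SEV-SNP"
DMESG_TDX = "[    0.000000] Memory Encryption Features active: Intel TDX"


def parse_gcloud_config(text):
    """Parse the two-level YAML printed by
    gcloud compute instances describe ... --format="yaml(confidentialInstanceConfig)".
    Only 'key: value' lines occur, so no YAML library is needed."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.endswith(":"):
            continue  # skip blanks and the 'confidentialInstanceConfig:' header
        key, _, value = line.partition(":")
        cfg[key.strip()] = value.strip()
    return cfg


def technology_from_gcloud(text):
    """Return 'SEV', 'SEV_SNP', 'TDX', or None when no confidential config is present."""
    cfg = parse_gcloud_config(text)
    if cfg.get("confidentialInstanceType") in ("SEV", "SEV_SNP", "TDX"):
        return cfg["confidentialInstanceType"]
    if cfg.get("enableConfidentialCompute") == "true":
        return "SEV"  # older config form; the page states this means AMD SEV
    return None


DMESG_RE = re.compile(r"Memory Encryption Features active:\s*(.*)$")


def technology_from_dmesg(lines):
    """Classify the in-guest view from the kernel's memory encryption banner."""
    for line in lines:
        m = DMESG_RE.search(line)
        if not m:
            continue
        features = m.group(1).split()
        if "SEV-SNP" in features:
            return "SEV_SNP"
        if features[:2] == ["Intel", "TDX"]:
            return "TDX"
        if "SEV" in features:
            return "SEV"
    return None  # banner absent: the guest did not report memory encryption


def cross_check(gcloud_text, dmesg_lines):
    """Compare the control-plane claim with the guest kernel's evidence.
    A disagreement (API says SEV_SNP, guest sees only SEV, or no banner at all)
    means the instance should not be treated as verified."""
    api = technology_from_gcloud(gcloud_text)
    guest = technology_from_dmesg(dmesg_lines)
    return {"api": api, "guest": guest, "consistent": api is not None and api == guest}


if __name__ == "__main__":
    print(cross_check(GCLOUD_SNP, [DMESG_SNP]))         # consistent: True
    print(cross_check(GCLOUD_LEGACY_SEV, [DMESG_SNP]))  # consistent: False
```

In practice, feed technology_from_gcloud the captured stdout of the gcloud command and technology_from_dmesg the lines of sudo dmesg; the grep from the procedure above is subsumed by DMESG_RE, so the full log can be passed in unfiltered.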

Identity tokens

You can request a VM's unique identity token from the metadata server to verify information such as its instance ID, creation time, license codes for the instance's images, and whether the VM is a Confidential VM instance.

If the instance_confidentiality claim in the token has a value of 1, then the VM is a Confidential VM instance. The token doesn't describe what Confidential Computing technology is in use.

To learn how to obtain and decode the identity token of a VM, see Verifying the identity of an instance.
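To show where the instance_confidentiality claim is read once a token has been obtained, here is an added Python example (not code from this page or from Google). It assumes the claim sits under google.compute_engine in a full-format identity token; the sample token is constructed inline with a placeholder signature, and decode_jwt_payload only unpacks the payload, so in real use the token's signature must first be verified against Google's public certificates before any claim in it is trusted.

```python
import base64
import json


def _b64url_decode(segment):
    """Decode a base64url segment, restoring the '=' padding that JWTs strip."""
    segment += "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment)


def _b64url_encode(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def decode_jwt_payload(token):
    """Return the claims of a compact JWT. This does NOT verify the signature;
    verify it first, then read claims from the verified payload."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    return json.loads(_b64url_decode(parts[1]))


def is_confidential_vm(claims):
    """True only when instance_confidentiality is exactly 1.
    Assumption: the claim is nested under google.compute_engine (full-format token)."""
    ce = claims.get("google", {}).get("compute_engine", {})
    return ce.get("instance_confidentiality") == 1


def make_sample_token(instance_confidentiality):
    """Build a constructed, unsigned token in the assumed layout, for demonstration only."""
    header = {"alg": "RS256", "typ": "JWT", "kid": "placeholder-kid"}
    payload = {
        "aud": "https://example.invalid/verifier",
        "iss": "https://accounts.google.com",
        "google": {"compute_engine": {
            "instance_id": "0000000000000000000",      # placeholder value
            "instance_name": "example-cvm",            # placeholder value
            "zone": "example-zone",                    # placeholder value
            "instance_confidentiality": instance_confidentiality,
        }},
    }
    signature = b"\x00" * 32  # placeholder bytes, not a real signature
    return ".".join([
        _b64url_encode(json.dumps(header).encode()),
        _b64url_encode(json.dumps(payload).encode()),
        _b64url_encode(signature),
    ])


if __name__ == "__main__":
    token = make_sample_token(1)
    print(is_confidential_vm(decode_jwt_payload(token)))  # True
```

Note that the claim only answers "is this a Confidential VM"; as the text above says, it does not tell you which technology (SEV, SEV-SNP or TDX) backs it, so pair it with the gcloud or dmesg check when that matters.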

To retrieve more detailed information about the state of a Confidential VM instance, you can examine integrity validation events. For more information, see Monitor Confidential VM integrity.