Before sending sensitive information to a Confidential VM instance, your applications can request the VM's unique identity token from a metadata server. The identity token includes details about an instance such as the instance ID, creation time, license codes for the instance's images, and whether the VM is a Confidential VM instance.
If the instance_confidentiality
claim in the token has a value of 1
, then
the VM is a Confidential VM instance.
To learn how to obtain and decode the identity token of a VM, see Verifying the identity of an instance.