Protect data in-use with Confidential VMs, Confidential GKE, Confidential Dataproc, and Confidential Space.
Breakthrough in confidentiality
Confidential VMs are a breakthrough technology that allow customers to encrypt their most sensitive data in the cloud while it’s being processed.
Simple for everyone
Google Cloud’s approach allows customers to encrypt data in use without making any code changes to their applications or having to compromise on performance.
Enabling new possibilities
Confidential Computing can unlock scenarios which previously have not been possible. Organizations will be able to collaborate, all while preserving the confidentiality of their data.
Confidential VMs and Compute Engine
Learn more about Confidential VMs in Compute Engine, including support for end-to-end encryption, compute-heavy workloads, and more security and privacy features.
Creating a Confidential VM instance
Quickly get up and running with a new Confidential VM instance using default settings in the Google Cloud Console.
Try Confidential VM
Learn how to create a Confidential VM instance in an interactive tutorial.
Validating Confidential VMs using Cloud Monitoring
Learn how to use Cloud Monitoring to monitor and validate the integrity of a confidential VM's OS, the integrity and version of the VM's SEV, and more.
Confidential GKE Nodes
Get started with Confidential GKE Nodes
Dataproc Confidential Compute
Learn how to create a Dataproc cluster that uses Compute Engine Confidential VMs to provide inline memory encryption.
Ubiquitous data encryption with STET
Learn how to accomplish unified control of data at-rest, in-use, and in-transit with ubiquitous data encryption and the Split-Trust Encryption Tool.
APIs & references
View APIs, references, and other resources for Confidential VMs.
|Real-time encryption in use||Google Cloud customers can encrypt data in use, taking advantage of security technology offered by modern CPUs (e.g., secure encrypted virtualization supported by 3rd Gen AMD EPYC™ CPUs) together with confidential computing cloud services. Customers can be confident that their data will stay private and encrypted even while being processed.|
|Lift and shift confidentiality||Our goal is to make Confidential Computing easy. The transition to Confidential VMs is seamless—all workloads you run today, new and existing, can run as a Confidential VM. You do not need to make any code changes to your applications to use Confidential VMs. One checkbox—it’s that simple.|
|Detection of advanced persistent attacks||Confidential Computing builds on the protections Shielded VMs offer against rootkit and bootkits. This helps ensure the integrity of the operating system you choose to run in your Confidential VM.|
|Enhanced innovation||Confidential Computing can unlock computing scenarios that have previously not been possible. Organizations will now be able collaborate on sensitive and regulated data in the cloud, all while preserving confidentiality.|
|High performance||Confidential VMs offer similar performance to standard N2D VMs. Explore tech docs and whitepapers.|