A set of Shielded Instance options. Check Images using supported
Not all combinations are valid.
Defines whether the instance has Secure Boot
Secure Boot helps ensure that the system only
runs authentic software by verifying the digital
signature of all boot components, and halting
the boot process if signature verification
fails. Disabled by default.
Defines whether the instance has the vTPM
enabled. Enabled by default.
Defines whether the instance has integrity
Enables monitoring and attestation of the boot
integrity of the instance. The attestation is
performed against the integrity policy baseline.
This baseline is initially derived from the
implicitly trusted boot image when the instance
is created. Enabled by default.