Guest Attestation for Confidential AVD: Proving Your VMs Are Actually Confidential
This blog post explains Guest Attestation for Confidential Azure Virtual Desktop (AVD) session hosts, part of a series on confidential computing. It covers how to cryptographically prove VMs run in a genuine Trusted Execution Environment (TEE) using AMD SEV-SNP. The article details why a custom Azure Attestation Provider isn't needed, how to decode JWT tokens, verify RS256 signatures, and use PowerShell for validation. It includes Bicep modules, KQL queries, Azure Policy, and a six-step validation script for monitoring attestation health.