Microsoft and AMD announce yet another partnership to secure more Azure VMs

Kareem Anderson

Microsoft and AMD have been getting cozy recently as the two have seemingly announced chipset partnerships across a wide range of flagship devices and services from gaming consoles to cloud servers.

Today, March 15, 2021, the two are back at it again, announcing a broader collaborative effort that will enable more Azure confidential computing options with support of AMD’s EPYC 7003 series processors. Chief technology officer and Microsoft Technical Fellow Mark Russinovich, took to the company’s Cloud Strategy blog to extol the virtues of its new AMD collaboration.

Today, I am announcing that we are further broadening the confidential computing options available to Azure customers through our technology partnership with AMD, specifically by being the first major cloud provider to offer confidential virtual machines on the new AMD EPYC™ 7003 series processors. This new approach complements existing Azure confidential computing solutions such as confidential containers for Azure Kubernetes Service and opens the possibility to create new confidential applications without requiring code modifications which in turn substantially simplifies the process of creating confidential applications.

Key technology enablers to the AMD-centered solution include the advanced security feature called Secure Encrypted Virtualization-Secure Nested Paging, or SEV-SNP. SEV-SNP enables protection of virtual machines by creating a trusted execution environment and has been substantially enhanced in the 3rd Gen AMD EPYC processor.


Specifically, Russinovich notes that the AMD EPYC-CPU powered Azure VMs will be fully encrypted at runtime as well as being able to generate VM encryption keys through a dedicated processor on the EPYC CPU. The new inclusion of the process of key generation should allow for fewer hands handling setups initially, which is a win for bother consumers ad enterprise users alike.

In addition, Azure will provide Azure Attestation service which, “collects evidence that the hardware environment is correct and then provides a cryptographic signal to Azure Key Vault to securely release the decryption key for the virtual machine image only if the environment is in a known good state.”

Adding this new level of support for 3rd Gen AMD EPYC CPU supported confidential computing allows users of specific on-premises hardware to encrypt entire VMs without having to recompile code, while also leveraging Azure’s evolving security measures. In the end, the Microsoft and AMD’s collaboration should make VM’s with support of this chip, more secure and less vulnerable to bootkits, rootkits, and kernel-level malware which is a win-win for all parties involved.