Azure Confidential Computing

AzureCompute

VMs and containers that keep data encrypted while in use via AMD SEV-SNP and Intel TDX hardware enclaves, plus Always Encrypted for Azure SQL, Confidential Containers on AKS, and the Managed HSM to protect cryptographic keys — for regulated workloads demanding runtime protection

FluffyStack tools
Add to Service BuilderAdd to CompareCompare with equivalentsExplore Azure in TreemapExplore compute in Honeycomb
DocumentationPricing

Attributes

Encryption In Use
Yes
Attestation
Yes

Sub-services (3)

Confidential VMs

DCasv5, ECasv5, DCesv5, ECesv5 VMs with memory encryption and remote attestation

Confidential Containers on AKS

Kata-Containers-based confidential pods running inside SEV-SNP enclaves

Confidential Ledger

Tamper-proof append-only ledger backed by enclave-attested Merkle trees

Compliance & Certifications

This service is attested for the following frameworks. Always verify with the provider before relying on a specific compliance posture.

GDPRSOC 2ISO 27001HIPAAPCI DSSFedRAMPG-Cloud

Where this runs

73 regions
36 countries
13sovereign
Sovereign regions (13)
  • Australia Central · CanberraAzure Australia Government
  • Australia Central 2 · CanberraAzure Australia Government
  • US Gov Virginia · VirginiaAzure Government
  • US Gov Arizona · ArizonaAzure Government
  • US Gov Texas · TexasAzure Government
  • US DoD East · VirginiaAzure Government Secret
  • US DoD Central · IowaAzure Government Secret
  • China North (Beijing) · BeijingMicrosoft Azure China (21Vianet)
  • China East (Shanghai) · ShanghaiMicrosoft Azure China (21Vianet)
  • China North 2 · BeijingMicrosoft Azure China (21Vianet)
  • China East 2 · ShanghaiMicrosoft Azure China (21Vianet)
  • China North 3 · HebeiMicrosoft Azure China (21Vianet)
  • China East 3 · ShanghaiMicrosoft Azure China (21Vianet)
Commercial regions (60)

Europe (21)

  • Austria East
  • Belgium Central
  • Denmark East
  • Finland Central
  • France South
  • France Central
  • Germany North
  • Germany West Central
  • Greece Central
  • North Europe
  • Italy North
  • West Europe
  • Norway East
  • Norway West
  • Poland Central
  • Spain Central
  • Sweden Central
  • Switzerland West
  • Switzerland North
  • UK West
  • UK South

North America (13)

  • Canada East
  • Canada Central
  • Mexico Central
  • West US
  • East US 3
  • North Central US
  • Central US
  • West US 3
  • South Central US
  • East US
  • East US 2
  • West US 2
  • West Central US

South America (3)

  • Brazil Southeast
  • Brazil South
  • Chile Central

Asia (13)

  • East Asia
  • South India
  • Jio India West
  • West India
  • Jio India Central
  • Central India
  • Indonesia Central
  • Japan West
  • Japan East
  • Malaysia West
  • Southeast Asia
  • Korea South
  • Korea Central

Oceania (3)

  • Australia East
  • Australia Southeast
  • New Zealand North

Middle East (5)

  • Israel Central
  • Qatar Central
  • Saudi Arabia Central
  • UAE Central
  • UAE North

Africa (2)

  • South Africa West
  • South Africa North

Tags

confidentialsev-snptdxenclavesencryption-in-usecompute

Equivalent services on other platforms

Amazon EC2AWS

Secure, resizable virtual servers in the cloud with on-demand, reserved, spot, and savings-plan pricing, over 600 instance types, and Nitro-based hardware isolation

IBM Hyper Protect ServicesIBM

Confidential computing family built on IBM LinuxONE and Secure Execution for Linux — offers Hyper Protect Virtual Servers, Crypto Services with FIPS 140-3 Level 4 HSMs, and Database as a Service with customer-controlled keys that even IBM cannot access

Pricing

Pricing model:pay-as-you-go