Confidential VMs, launched in beta in July, were the first product in the Google Cloud Confidential Computing portfolio, and Google is making them available to all Google Cloud customers in the coming weeks. The product will include all of the functionality added during the beta phase. According to Google, Confidential VMs often deliver high performance, even for demanding computational tasks, and ensure that VM memory remains encrypted (using a per-VM key generated and managed by the secure processor within AMD EPYC chips). Confidential VMs also use memory encryption to isolate workloads and tenants, providing an easy-to-use option to ensure workload memory is protected in Google Compute Engine.

New features the internet giant added for Confidential VMs include compliance audit reports (including comprehensive information on the firmware), new policy controls for confidential computing resources, integration with other enforcement mechanisms, and the ability to securely share secrets with Confidential VMs. Organizations can now, through the IAM Org Policy, define specific access privileges for Confidential VMs and may disable non-confidential VMs within the project. In addition, they can combine shared VPCs, policy constraints, and firewall rules so that only Confidential VM interaction is allowed, or a perimeter of GCP resources is defined for VMs. Confidential VMs now secure data via the virtual Trusted Platform Module (vTPM). In addition, the go-tpm open source library helps organizations bind secrets to a Confidential VM's vTPM using APIs.

Confidential GKE Nodes, the second product in Google's Confidential Computing portfolio, will enter beta when GKE 1.18 is released, which should provide more confidential workload options for organizations looking to use Kubernetes clusters with GKE. Designed with the same technology foundation as Confidential VMs, Confidential GKE Nodes help organizations keep data encrypted in memory using a node-specific dedicated key. This key is generated and managed by the AMD EPYC processor, Google explains. According to Google, Confidential GKE Nodes use hardware memory encryption that relies on the Secure Encrypted Virtualization feature of AMD EPYC processors, so all workloads on these nodes are encrypted while in use. The new software will allow organizations to configure a GKE cluster to only deploy node pools that use Confidential VM capabilities. This automatically enforces the use of Confidential VMs for all worker nodes on clusters that use Confidential GKE Nodes.