Microsoft has moved confidential containers on Azure Container Instances (ACI) from limited preview to public preview, bringing general availability one step closer.
A Microsoft blog post explains how the service uses the Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) technology in AMD’s latest server chips.
ACI product manager Peter Pogorski explained how Azure customers are “increasingly turning to cloud-native, container-based applications for their workloads,” but still require a high level of data protection.
Azure confidential containers
“This serverless platform enables Linux containers to run in a hardware-certified Trusted Execution Environment (TEE), providing the simplicity of a serverless container platform with enhanced security for confidential computing,” Pogorski concluded.
Data in use can be protected in confidential containers by processing it in encrypted memory, a capability Microsoft credits to AMD’s EPYC processors.
Confidential containers are designed to run with verifiable provisioning policies, which means Azure customers can also ensure that the code being executed is trusted and verified, helping to eliminate unintentional data leaks.
Collaborating parties can also review the attestation report to confirm they are satisfied with the application running in the container group before sharing sensitive information.
ACI currently supports batch processing, data processing pipelines, and continuous integration, but Microsoft believes confidential containers will open up its services to even more scenarios.
In its limited preview announcement, Azure Confidential Computing product manager Amar Gowda said:
“We are excited to offer confidential serverless offerings with full lift & shift container support while continuing to innovate in this fast-growing confidential computing and cloud-native space.”
Although there is no official information about full availability, the rapid pace of development suggests that confidential data processing is crucial for many companies seeking to optimize their IT systems.