Microsoft Announces Ephemeral OS Disk Support for Confidential Azure VMs
Microsoft has announced Ephemeral OS disk support for Azure confidential virtual machines (VMs). The new feature enables organizations to use Azure hardware-based trusted execution environments (TEEs) in order to protect sensitive data while is being processed from unauthorized access.
Azure confidential computing was first announced at Microsoft’s Ignite conference in 2017. These confidential VMs are designed for organizations that handle highly sensitive workloads in the cloud. Confidential VMs use hardware-protected encryption keys to ensure that customer data remains encrypted in memory, in transit (over a network), and at rest (in storage). It helps to protect sensitive information from hackers, government warrants, as well as Microsoft’s administrators.
Key features of Ephemeral disks
With this release, Microsoft says that OS disk data will be lost when the VMs are resized, redeployed, restarted, or maintained (using healing or live migration). The company highlights several unique features offered by Ephemeral disks, such as support for Azure Compute Gallery, custom images, and Marketplace.
Additionally, Ephemeral OS disks allow users to fast reset/reimage virtual machines as well as scale set instances back to the original boot state. Other capabilities include stateless application support, lower latency, and more.
“Ephemeral OS disks work well for stateless workloads, where applications are tolerant of individual VM failures but are more affected by VM deployment time or reimaging of individual VM instances. With Ephemeral OS disk, you get lower read/write latency to the OS disk and faster VM reimage,” Microsoft explained.
Ephemeral OS disks support is available for free in all Azure regions
According to the support document, Ephemeral OS disk support is currently available in public preview for free in all Azure regions. Keep in mind that customers will not be able to access Ephemeral disks through the portal.
Currently, confidential VMs with Ephemeral OS disks don’t provide certain features, including disk snapshots, OS Disk Swap, capturing VM images, Azure Site Recovery, Azure Backup, and Azure Disk Encryption.
In case you missed it, Microsoft announced hot patching support for Windows Server Azure virtual machines back in February. The feature lets IT admins install Windows security updates without requiring frequent reboots.
More in Virtualization
Microsoft Unveils Next-Gen Azure VMs with AMD's EPYC Chips
Nov 14, 2022 | Rabia Noureen
Azure VMware Solution Gets Support for Stretched Clusters and Customer-Managed Keys
Nov 8, 2022 | Rabia Noureen
VirtualBox 7.0 Adds Windows 11 TPM and Full Encryption Support
Oct 21, 2022 | Rabia Noureen
Microsoft Adds SSO and Passwordless Authentication Support to Azure Virtual Desktop
Sep 27, 2022 | Rabia Noureen
VMware to Launch New vCenter Converter Tool in Beta
Sep 14, 2022 | Rabia Noureen
Microsoft's Arm-based Azure VMs with Ampere Altra Chips Are Now Generally Available
Aug 31, 2022 | Rabia Noureen
Most popular on petri