Skip to content

Latest commit

 

History

History
24 lines (17 loc) · 1.38 KB

File metadata and controls

24 lines (17 loc) · 1.38 KB

Sovereign Examples

This directory contains example scripts and configurations for deploying Azure Confidential Computing resources in scenarios that require heightened data sovereignty, compliance, or backup/recovery controls.

Available Examples

Folder Description
citizen-registry-app/ 🆕 Sovereign citizen registry: Confidential ACI container → Private VNet → Application Gateway → SQL Server on a Confidential VM. Features remote attestation, Secure Key Release, IPv6-only CVM, ephemeral credentials, and API-based data seeding.
cvm-backup/ Deploy a Windows Confidential VM (CVM) with Azure Backup (Recovery Services Vault) and Customer Managed Key disk encryption

Common Themes

  • All examples use AMD SEV-SNP hardware-based memory protection
  • Customer Managed Keys (CMK) via Azure Key Vault Premium with confidential disk encryption
  • Private VNet topology – no public IP on the VM; optional Azure Bastion for RDP access
  • Resource tagging for ownership tracking and automation

Prerequisites

  • Azure PowerShell (Az module, latest version)
  • An Azure subscription with quota for DCasv5-series Confidential VMs
  • The Confidential VM Orchestrator service principal registered in your tenant