The coverage is measured into a PCR on the Confidential VM's vTPM (that's matched in The important thing launch plan about the KMS Together with the expected plan hash for your deployment) and enforced by a hardened container runtime hosted within just each instance. The runtime monitors commands from your Kubernetes Regulate airplane, and makes … Read More