Azure Confidential VMs — the DCsv3, DCdsv3, and DCasv5 series — bring Intel SGX and AMD SEV-SNP hardware-based confidential computing to enterprise Azure workloads. They are the practical on-ramp to confidential computing for Azure enterprises: standard VMs with hardware-enforced isolation, requiring minimal application changes. This deployment guide covers DCsv3 vs DCasv5 selection, attestation setup, performance characteristics, and enterprise integration patterns.
Azure Confidential VM Series Overview
| Series | Technology | vCPU range | Memory | Best For |
|---|---|---|---|---|
| DCsv3 / DCdsv3 | Intel SGX (application enclave) | 1–96 vCPU | Up to 384 GiB | Application-level enclaves — specific sensitive workloads |
| DCasv5 / DCadsv5 | AMD SEV-SNP (full VM encryption) | 2–96 vCPU | Up to 384 GiB | Lift-and-shift confidential VMs — entire VM protected |
| ECasv5 | AMD SEV-SNP (memory-optimised) | 2–96 vCPU | Up to 672 GiB | Memory-intensive confidential workloads — databases, analytics |
DCasv5 (AMD SEV-SNP): Protects the entire VM with hardware memory encryption — no application code changes required. Lift-and-shift your existing workload to a confidential VM. For most enterprise use cases requiring data-in-use protection without code refactoring, DCasv5 is the right starting point.
DCsv3 Deployment Guide
Deploy DCsv3 from the Azure portal or via Terraform. Select Ubuntu 22.04 or Windows Server 2022 — both include Intel SGX SDK support. Verify SGX availability with `ls /dev/sgx_enclave` (the device node should exist). Install the Azure DCAP (Data Center Attestation Primitives) client library with `sudo apt-get install az-dcap-client`. This library enables communication with Intel's PCCS attestation service via Azure's infrastructure and is required for remote attestation. Provision via your existing infrastructure-as-code tooling.
Use the Open Enclave SDK (cross-platform, recommended) or the Intel SGX SDK for enclave development. Structure your application as two parts: a trusted component (the enclave code, which processes sensitive data) and an untrusted host (a normal process that handles I/O and calls into the enclave via ECALLs, with the enclave calling back out via OCALLs). Build the enclave as a signed `.so` shared library. Deploy in containerised form using EGo (Go in SGX enclaves) or Gramine (run existing Linux applications in SGX with minimal modifications). Integrate the build and signing steps into your CI/CD pipeline.
Use Microsoft Azure Attestation (MAA) service — Azure-native attestation for both SGX and SEV-SNP. MAA verifies the enclave quote and issues a JWT attestation token that relying parties (key management systems, other services) can verify. Integrate attestation into your application's startup flow: verify MAA token before releasing sensitive data to the enclave. Connect Azure Key Vault with attestation conditions — keys only released to verified enclaves.
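As an added illustration of the startup gate described above (example code, not from the original page or from Microsoft): a relying party decodes an MAA SGX token and applies a release policy to its claims before handing secrets to the enclave. The claim names follow MAA's SGX token schema; the issuer URL, signer measurement, product ID and SVN threshold are constructed placeholders, and signature verification against the keys MAA publishes at `<issuer>/certs` is assumed to have been done first with a JWT library.

```python
import base64
import json
import time

# Enclave identity the relying party pins for this workload. These are
# constructed placeholder values, not identities from any real enclave.
EXPECTED_MRSIGNER = "11" * 32          # hex of the 32-byte signer measurement
EXPECTED_PRODUCT_ID = 1
MIN_SVN = 2                            # reject enclaves below this security version
MAA_ISSUER = "https://example-maa.eus.attest.azure.net"   # assumed provider URL


def _b64url_decode(segment: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_claims(token: str) -> dict:
    """Return the payload claims of a JWT. The signature is NOT checked here;
    the caller must first verify it against the MAA provider's JWKS."""
    _header, payload, _sig = token.split(".")
    return json.loads(_b64url_decode(payload))


def check_sgx_token(token: str, now: float = None) -> tuple:
    """Policy gate a key-release service applies before releasing secrets.
    Returns (True, 'ok') or (False, reason) for the first failed check."""
    now = time.time() if now is None else now
    c = decode_claims(token)
    checks = [
        (c.get("iss") == MAA_ISSUER, "unexpected issuer"),
        (c.get("x-ms-attestation-type") == "sgx", "not an SGX attestation"),
        (c.get("nbf", 0) <= now < c.get("exp", 0), "token not valid at this time"),
        (c.get("x-ms-sgx-is-debuggable") is False, "debug enclave: memory is inspectable"),
        (c.get("x-ms-sgx-mrsigner") == EXPECTED_MRSIGNER, "MRSIGNER mismatch"),
        (c.get("x-ms-sgx-product-id") == EXPECTED_PRODUCT_ID, "product ID mismatch"),
        (c.get("x-ms-sgx-svn", 0) >= MIN_SVN, "enclave SVN below minimum"),
    ]
    for ok, reason in checks:
        if not ok:
            return False, reason
    return True, "ok"


def make_test_token(**overrides) -> str:
    """Construct a sample MAA-shaped token (unsigned) for offline testing."""
    claims = {"iss": MAA_ISSUER, "x-ms-attestation-type": "sgx",
              "nbf": 1_700_000_000, "exp": 1_700_003_600,
              "x-ms-sgx-is-debuggable": False, "x-ms-sgx-mrsigner": EXPECTED_MRSIGNER,
              "x-ms-sgx-product-id": 1, "x-ms-sgx-svn": 3}
    claims.update(overrides)
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f'{enc({"alg": "RS256", "typ": "JWT"})}.{enc(claims)}.placeholder-signature'
```

Pinning MRSIGNER plus product ID and a minimum SVN lets you roll out patched enclave builds without re-pinning; pin MRENCLAVE instead when only one exact build may receive the key.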
Our software development and DevOps teams design and deploy Azure confidential VM architectures for regulated enterprise workloads. Book a free advisory session to scope your confidential computing architecture on Azure.