How to use Secure Encrypted Virtualization (SEV) on Enterprise Instances
Enterprise Instances rely on the AMD EPYC™ 7003 series Processor, which provides the SEV feature. AMD SEV helps keep your Instance’s data confidential, by encrypting the memory of the virtual machine. SEV does not require any changes to your application software, it is enabled in the hypervisor and in the image of the Enterprise Instance. More details on the SEV feature are available at the AMD website.
You can check that SEV is activated on your Enterprise Instance by entering the following into its command line:
# dmesg | grep -i sev
- As the encryption is activated at the boot of the Instance, the boot time can take a few seconds more on larger Enterprise Instances.
- If the Instance is booted into Rescue Mode, SEV is disabled automatically.