Confidential Computing encrypts the memory of running VMs and containers, delivering "data-in-use" encryption. Together with data-at-rest and data-in-transit encryption, it completes the three-layer encryption story — a key building block for regulated industries and Multi-party Computation.
| Layer | Traditional | Confidential Computing |
|---|---|---|
| Data at Rest | CMEK / HSM / EKM | Same |
| Data in Transit | TLS | Same |
| Data in Use | — | Confidential Computing |
| Product | Target | Use case |
|---|---|---|
| Confidential VM | GCE | Per-VM workloads |
| Confidential GKE Nodes | GKE | Kubernetes clusters |
| Confidential Space | Multi-party | Federated learning, ad measurement |
| Confidential Spanner | Spanner (GA in 2024) | Finance and healthcare DBs |
| Confidential Dataflow | Dataflow | Confidential data pipelines |
| Feature | Vendor | GCP machine |
|---|---|---|
| AMD SEV | AMD | N2D / C2D (1st gen) |
| AMD SEV-SNP | AMD | N2D / C3D (extended) |
| Intel TDX | Intel | C3 (2024 onwards) |
| NVIDIA H100 TEE | NVIDIA | A3 (confidential GPU) |
gcloud compute instances create confidential-vm \ --zone=asia-northeast1-a \ --machine-type=n2d-standard-2 \ --confidential-compute \ --maintenance-policy=TERMINATE \ --image-family=ubuntu-2204-lts \ --image-project=ubuntu-os-cloud # Confidential VM の確認 gcloud compute instances describe confidential-vm \ --zone=asia-northeast1-a --format="value(confidentialInstanceConfig)"
gcloud container clusters create confidential-cluster \ --region=asia-northeast1 \ --enable-confidential-nodes \ --machine-type=n2d-standard-2 \ --release-channel=stable
| Item | Price |
|---|---|
| Confidential VM | Standard VM + ~6% (N2D) |
| Confidential GKE Nodes | Follows the VM pricing |
| Confidential Space | VM + Attestation Service (free / limited) |
| Confidential Spanner | Standard PU + premium |
| Item | GCP | AWS | Azure |
|---|---|---|---|
| Confidential VM | AMD/Intel | Nitro Enclaves | AMD/Intel/Nitro equivalents |
| Confidential Container | Confidential GKE Nodes | Nitro on EKS | Confidential Container Apps |
| Multi-party MPC | Confidential Space (leading) | Limited | Limited |
| Confidential DB | Confidential Spanner | — | Always Encrypted with Secure Enclave |
What is Confidential Computing?
A technology that encrypts the memory of running VMs / containers themselves. Hardware features like AMD SEV-SNP and Intel TDX prevent the hypervisor, other tenants, and even Google itself from peeking at the data.
How much does Confidential VM cost?
Standard GCE pricing plus roughly 6%. Available on N2D / C2D / C3D / A3 and similar machines. Performance overhead is typically just a few percent.
What are Confidential GKE Nodes used for?
Kubernetes workloads in regulated industries such as finance and healthcare. Encryption is applied at the node level, not per pod.
What is Confidential Space?
A secure execution environment for Multi-party Computation. Multiple organizations can jointly analyze their data without exposing raw data to each other. Used for ad measurement and federated learning in healthcare.
How do other clouds compare?
AWS offers Nitro Enclaves (successor to SGX), and Azure Confidential Computing covers equivalents of AMD SEV-SNP / Intel TDX / Nitro Enclaves. GCP led on AMD SEV and is also rolling out Intel TDX support.
Is Attestation supported?
Yes — natively supported in Confidential Space. You can cryptographically prove that a workload is actually running in a confidential environment, which is essential for establishing trust with third parties.
Are BigQuery and Spanner supported too?
BigQuery supports it via Confidential VM-based reservations (Confidential Compute Enabled). Spanner has native support (GA in 2024).
What are real-world examples in regulated industries?
Adopted in finance (HSBC, Fidelity), healthcare (HCA Healthcare), and confidential data processing at several government agencies. Combining FIPS 140-2 with Confidential Computing is a common pattern.
Related Articles - Security
Migrate to Containers (M2C) 完全ガイド|VM → GKE/Cloud Run モダン化 (GCP)
Google Cloud Migrate to Containers (旧 Migrate for Anthos) の全機能解説。VMware / 物理 / AWS / Azure の Linux/Windows アプリを Container 化して GKE / Cloud Run / Anthos にデプロイ。Stateful 対応、料金、成功事例を 2026 年最新版で網羅。
GCP Professional Cloud Developer (PCD) 完全ガイド|Cloud Run・GKE・CI/CD・APM
Google Cloud Professional Cloud Developer の試験範囲、Cloud Run / GKE / Cloud Build / Cloud Trace、AWS DVA / Azure AZ-204 比較、学習ロードマップを徹底解説。
Cloud Deploy 完全ガイド|Canary・Blue-Green・GKE/Cloud Run プログレッシブデプロイ (GCP)
Google Cloud Cloud Deploy の全機能解説。Delivery Pipeline、Canary / Blue-Green、Approval Gate、Verify、Skaffold 統合、GKE / Cloud Run / Anthos 対応、AWS CodeDeploy / ArgoCD 比較を網羅。
GCP vs AWS ストレージ・DB 徹底比較|GCS/S3・BigQuery/Redshift・Spanner/DynamoDB (2026)
GCP と AWS のストレージ・データベースを徹底比較。Cloud Storage vs S3、BigQuery vs Redshift、Spanner vs DynamoDB / Aurora DSQL、Cloud SQL vs RDS、AlloyDB vs Aurora、Firestore vs DynamoDB、Bigtable vs DynamoDB を 2026 年最新版で網羅。
※ Google Cloud is a trademark of Google LLC. For the latest information, see the official Confidential Computing page.
Practice with certification-focused question sets
View GCP exam prep pageNicheeLab Editorial Team
NicheeLab editorial team focused on data engineering and cloud certification learning. Content is structured around practical study needs and official exam domains.
Google Cloud Certification Roadmap (2026)
Choose your GCP certification path — Foundational, Associate...
CDL Cloud Digital Leader: Complete Exam Guide (2026)
Pass the Cloud Digital Leader exam — cloud business value, G...
GAIL Generative AI Leader: Complete Exam Guide (2026)
Pass the Generative AI Leader exam — Gemini, Vertex AI, Work...
Vertex AI Fundamentals for GCP Certs (2026)
Vertex AI basics every cert candidate needs — Workbench, Pip...
Associate Cloud Engineer (ACE): Complete Guide (2026)
Pass the Associate Cloud Engineer exam — Console, gcloud, pr...