The provided sources are a collection of Google Cloud documentation and blog excerpts detailing the features and implementation of **Confidential Computing** services, particularly focusing on **Confidential Virtual Machines (VMs)** and **Confidential Google Kubernetes Engine (GKE) Nodes**, especially for **AI and ML workloads**. The documentation explains that these confidential instances utilize hardware-based memory encryption—known as a **Trusted Execution Environment (TEE)**—to protect data and applications in use from unauthorized access, even from the hypervisor. Specific technologies enabling this include **AMD SEV**, **AMD SEV-SNP**, and **Intel TDX**, with newer developments extending these protections to accelerated computing using **NVIDIA H100 Tensor Core GPUs**. The sources also offer practical guidance on how to create a **Confidential VM instance with GPU**, including managing required **GPU quota** and configuring different provisioning models like **Spot** and **Flex-start**, and detail how to enable **Confidential GKE Nodes** for secured GPU workloads.

Sources:

https://cloud.google.com/confidential-computing/confidential-vm/docs/confidential-vm-overview

https://cloud.google.com/confidential-computing/confidential-vm/docs/create-a-confidential-vm-instance-with-gpu

https://cloud.google.com/kubernetes-engine/docs/how-to/gpus-confidential-nodes

https://cloud.google.com/blog/products/identity-security/how-confidential-computing-lays-the-foundation-for-trusted-ai

https://cloud.google.com/blog/products/identity-security/expanding-confidential-computing-for-ai-workloads-next24