The coverage is calculated right into a PCR from the Confidential VM's vTPM (that is matched in The true secret release policy within the KMS While using the expected coverage hash with the deployment) and enforced by a hardened container runtime hosted inside of Each individual occasion. The runtime displays instructions from your Kubernetes con… Read More