General availability: Confidential containers on Azure Container Instances (ACI)

Confidential containers on Azure Container Instances (ACI), now generally available, enables you to run containers in a trusted execution environment (TEE) that provides hardware-based confidentiality and integrity protections for your container workloads while in use in memory. Confidential containers on ACI is supported as a new SKU that you can select when deploying your workload and will provide you with the following benefits for workloads processing highly sensitive data: Ability to lift and shift workloads to a confidential environment without needing to take any dependencies on any confidential computing libraries. In-memory encryption of data with a hardware based dedicated key per container group helping to guard against attacks from a malicious OS, or Hypervisor components. Support for remote attestation to enable a relying party to verify that a service is running in a TEE before processing any sensitive data. As part of confidential containers on ACI, an agent will validate the authenticity of the hardware and application components which can be verified through a remote attestation service before any sensitive data is released to the TEE. To learn more, read the [blog announcement](https://aka.ms/C-ACI-GA) and [documentation](https://aka.ms/ccacidocs). * Container Instances * Features * Microsoft Build * [ Container Instances](https://azure.microsoft.com/en-gb/products/container-instances/)