
Generally Available: Trusted launch as default for VMs deployed through PowerShell and CLI


Trusted launch is now enabled by default for VMs deployed through PowerShell and CLI. [Trusted launch](https://docs.microsoft.com/en-us/azure/virtual-machines/trusted-launch) hardens your Azure virtual machines with security features that allow administrators to deploy virtual machines with verified and signed bootloaders, OS kernels, and a boot policy. This is accomplished via the Trusted launch features Secure Boot, vTPM, and boot integrity monitoring, which protect against boot kits, rootkits, and kernel-level malware.

* Secure Boot protects against the installation of malware-based rootkits and boot kits and only allows signed OSes and drivers to boot.
* Virtual TPM (vTPM) allows customers to protect keys, certificates, and secrets in the virtual machine.
* Measured Boot examines and verifies the authenticity of the bootloader's signature and performs integrity measurement of the entire boot chain.
* Boot integrity monitoring via [Microsoft Azure Attestation](https://docs.microsoft.com/en-us/azure/attestation/overview) and Azure Security Center generates integrity alerts, recommendations, and remediations if remote attestation fails.

For more information, read the [blog post](https://aka.ms/TLaD).
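To check which VMs in an inventory actually have Trusted launch with Secure Boot and vTPM turned on, the following added example (not code from Microsoft or from the original post) audits the JSON that `az vm list -o json` emits. It assumes the `securityProfile.securityType` and `securityProfile.uefiSettings` fields of that output; the sample records are constructed.

```python
import json
import sys

# Constructed sample in the shape `az vm list -o json` returns, trimmed to the
# fields used here. Names and values are illustrative, not from a real tenant.
SAMPLE = json.loads("""
[
  {"name": "vm-new", "resourceGroup": "rg-app",
   "securityProfile": {"securityType": "TrustedLaunch",
     "uefiSettings": {"secureBootEnabled": true, "vTpmEnabled": true}}},
  {"name": "vm-partial", "resourceGroup": "rg-app",
   "securityProfile": {"securityType": "TrustedLaunch",
     "uefiSettings": {"secureBootEnabled": false, "vTpmEnabled": true}}},
  {"name": "vm-legacy", "resourceGroup": "rg-old", "securityProfile": null}
]
""")


def audit_vm(vm):
    """Return the list of Trusted launch gaps for one VM record."""
    profile = vm.get("securityProfile") or {}   # absent or null on older VMs
    uefi = profile.get("uefiSettings") or {}
    sec_type = profile.get("securityType")
    if (sec_type or "").lower() != "trustedlaunch":
        # Secure Boot and vTPM flags are only checked for Trusted launch VMs.
        return [f"securityType is {sec_type or 'unset'}"]
    gaps = []
    if uefi.get("secureBootEnabled") is not True:
        gaps.append("Secure Boot disabled")
    if uefi.get("vTpmEnabled") is not True:
        gaps.append("vTPM disabled")
    return gaps


def audit(vms):
    """Map 'resourceGroup/name' to its gaps, for VMs with at least one gap."""
    report = {}
    for vm in vms:
        gaps = audit_vm(vm)
        if gaps:
            report[f"{vm.get('resourceGroup')}/{vm.get('name')}"] = gaps
    return report


if __name__ == "__main__":
    # Pipe `az vm list -o json` in, or run with no input to use the sample.
    vms = SAMPLE if sys.stdin.isatty() else json.load(sys.stdin)
    for vm_id, gaps in audit(vms).items():
        print(f"{vm_id}: {', '.join(gaps)}")
```

A Trusted launch VM can still have Secure Boot or vTPM switched off individually, which is why the flags are checked separately from the security type.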