> For the complete documentation index, see [llms.txt](https://docs.enclaive.cloud/confidential-cloud/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.enclaive.cloud/confidential-cloud/technology-in-depth/amd-sev/getting-started/gcp.md).

# GCP

You can create a Confidential VM instance as part of creating a new Compute Engine virtual machine.

### Before you begin <a href="#before_you_begin" id="before_you_begin"></a>

Before creating a Confidential VM instance, you need to set up your environment as follows:

1. If you're new to Google Cloud, [create an account](https://console.cloud.google.com/freetrial) to evaluate how our products perform in real-world scenarios. New customers get $300 in free credits to run, test, and deploy workloads.
2. In the Google Cloud console, on the project selector page, select or [create a Google Cloud project](https://cloud.google.com/resource-manager/docs/creating-managing-projects).

   Note: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.

   [Go to project selector](https://console.cloud.google.com/projectselector2/home/dashboard)
3. [Make sure that billing is enabled for your Google Cloud project](https://cloud.google.com/billing/docs/how-to/verify-billing-enabled#console).
4. Enable the Compute Engine API.

   [Enable the API](https://console.cloud.google.com/flows/enableapi?apiid=compute.googleapis.com)
5. Optional: To use the gcloud CLI examples in this guide:
   * Install or update to the latest version of the [gcloud CLI](https://cloud.google.com/sdk/docs/install).
   * [Set a default region and zone for your client](https://cloud.google.com/compute/docs/gcloud-compute#set_default_zone_and_region_in_your_local_client) that [supports Confidential VM](https://cloud.google.com/confidential-computing/confidential-vm/docs/supported-configurations#supported-zones).
6. Optional: To use the API examples in this guide, [set up authentication](https://cloud.google.com/docs/authentication/rest) for your requests. Learn more about [OAuth 2.0](https://developers.google.com/identity/protocols/oauth2).

### Create an instance <a href="#create-instance" id="create-instance"></a>

To create an SEV Confidential VM with the Google Cloud console, complete the following steps.

**Note:** To create an SEV-SNP ([Preview](https://cloud.google.com/products#product-launch-stages)) Confidential VM instance, use the gcloud CLI or REST API.

1. In the Google Cloud console, go to the **VM instances** page.

   [Go to VM instances](https://console.cloud.google.com/compute/instances)
2. Click **Create instance**.
3. In the **Confidential VM service** section, click **Enable**.
4. In the **Enable Confidential Computing** dialog, review the list of settings that are updated when you enable the service. They can include the following fields, if they were set to incompatible values.
   * **Series** and **Machine type**. For more information, see [Machine types, CPUs, and zones](https://cloud.google.com/confidential-computing/confidential-vm/docs/supported-configurations#machine-type-cpu-zone).
   * **Region** and **zone**. For more information, see [Machine types, CPUs, and zones](https://cloud.google.com/confidential-computing/confidential-vm/docs/supported-configurations#machine-type-cpu-zone).
   * **Boot disk image**. For more information, see [Operating systems](https://cloud.google.com/confidential-computing/confidential-vm/docs/supported-configurations#operating-systems).
   * **On-host maintenance**. For more information, see [Set host maintenance policy of a VM](https://cloud.google.com/compute/docs/instances/setting-instance-scheduling-options#settingoptions).
   * **Network interface card**. For more information, see [Using Google Virtual NIC](https://cloud.google.com/compute/docs/networking/using-gvnic).
5. Click **Enable**.
6. In the **Machine configuration** section, expand **Advanced configurations**.
7. For the **CPU platform**, choose **AMD Milan or later**.
8. Verify that you are satisfied with these settings, and then click **Create**.

After you click **Create**, the **VM instances** page opens. On this page you can view the status and details for your new instance. When an ![green checkmark](https://cloud.google.com/static/confidential-computing/confidential-vm/docs/images/status-success.svg) **Available** icon appears in the **Status** column for your Confidential VM instance, it's ready to use.

### Enable higher network bandwidth for C2D machine types <a href="#enable_higher_network_bandwidth_for_c2d_machine_types" id="enable_higher_network_bandwidth_for_c2d_machine_types"></a>

The three largest C2D Compute Engine VM shapes (32, 56, and 112) support high-bandwidth networking. When you select a Tier 1 network bandwidth configuration, the data transfer out bandwidth increases from the default 32 Gbps to 50 or 100 Gbps. To achieve the higher Tier 1 bandwidth speeds, the instance must be running the [gVNIC virtual network driver](https://cloud.google.com/compute/docs/instances/create-vm-with-gvnic). Learn more about [configuring a VM with higher bandwidth](https://cloud.google.com/compute/docs/networking/configure-vm-with-high-bandwidth-configuration).


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.enclaive.cloud/confidential-cloud/technology-in-depth/amd-sev/getting-started/gcp.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.