The policy is measured into a PCR of the Confidential VM's vTPM (which is matched in the key release policy on the KMS against the expected policy hash for the deployment) and enforced by a hardened container runtime hosted in every instance. The runtime screens commands from the Kubernetes control plane, and makes certain that