A virtualized TPM 2.0 security processor that provides hardware-level security for the VM. Enables Measured Boot (cryptographic hashes of boot components form a verifiable boot chain) and secure generation and storage of cryptographic keys.

See the vTPM documentation.