Secure management of operations on protected virtual machines

What is claimed is: 1. In a computing environment, a method of establishing trust for a host, the method comprising: a host attestation service receiving from a host deployed on a physical machine, a verifiable indication of certain characteristics that the host meets; attempting to determine from the indication of the certain characteristics that the host meets certain requirements; and if the host meets the certain requirements, including at least meeting a requirement that the host contains a trusted execution environment (TEE), the host attestation service issuing a certificate to the host that the host can use to authenticate to one or more entities having a trust relationship with the host attestation service, wherein the certificate is configured for use by the host to obtain a key from a key distribution service having a trust relationship with the host attestation service, in response to the certificate being provided to the key distribution service, and wherein the key is configured for use by the host to decrypt a shielded guest virtual machine that is deployed by a virtual machine manager at a request of a tenant to the host so that a guest virtual machine can be run on the host. 2. The method of claim 1 , wherein the certain requirements further comprise a requirement related to a TPM (trusted platform module) on a physical machine implementing the host. 3. The method of claim 1 , the method further comprising as a result of a failure in determining that the physical machine implementing the host verifiably meets the certain requirements, notifying a Virtual Machine Manager (VMM) configured to deploy guest virtual machines that the host does not meet the certain requirements. 4. The method of claim 1 , the method further comprising, as a result of a failure in determining that the host verifiably meets the certain requirements, notifying a Virtual Machine Manager (VMM) that the host is not available for deployments of shielded guest virtual machines. 5. The method of claim 1 , wherein the certain requirements further comprise a requirement that a correct and trustworthy UEFI (unified extensible firmware interface) report be provided for a physical host machine implementing the host to verify that an uncompromised boot has occurred. 6. The method of claim 1 , wherein the certain requirements further comprise a requirement that a verifiable indication be provided that the host includes a correct HVCI (Hypervisor-enforced Code Integrity) policy validation. 7. The method of claim 1 , wherein the certain requirements further comprise a requirement that the host be located in a particular geographical location. 8. The method of claim 1 , wherein the certain requirements further comprise a requirement that the host be coupled to a secure network. 9. The method of claim 1 , further comprising creating a trust relationship between the host attestation service and the key distribution service from which the host can obtain keys by presenting the certificate. 10. The method of claim 1 , wherein the method is performed in an environment where the host attestation service is implemented in an environment with a fabric management system, where the fabric management system is configured to administer at least one of the host operating system, the host configuration, HVCI whitelists, HVCI revocation lists, UEFI whitelists or UEFI revocation list, and wherein a different authentication and/or authorization service is used to authenticate administrators of the host attestation service than is used to authenticate administrators of the fabric management system. 11. The method of claim 1 , wherein the method is performed in an environment where the host attestation service is implemented in an environment with the virtual machine manager, where the virtual machine manager is configured to deploy shielded guest virtual machines to the host, but wherein the virtual machine manager is unable to decrypt the shielded guest virtual machines. 12. The method of claim 11 , wherein the method is practiced in an environment where a different authentication service is used to authenticate administrators of the host attestation service than is used to authenticate administrators of the virtual machine manager. 13. In a computing environment, a method of establishing trust for a host, the method comprising: a host implemented using a physical machine sending a verifiable indication of certain characteristics of the host to a host attestation service; and as a result of the host meeting certain requirements, as determined by the host attestation service evaluating the indication of certain characteristics, including at least meeting a requirement that the host contains a trusted execution environment (TEE), the host receiving from the host attestation service a certificate that the host can use to authenticate to one or more entities having a trust relationship to the host attestation service the host obtaining a key from a key distribution service in response to providing the certificate to the key distribution service, wherein the key distribution service trusts the host attestation service in that the key distribution service accepts certificates signed by the host attestation service; and the host using the key to decrypt a shielded guest virtual machine that is deployed by a virtual machine manager at a request of a tenant to the host so that a guest virtual machine can be run on the host. 14. The method of claim 13 , wherein the certain requirements further comprise a requirement selected from the group consisting of: (a) a requirement related to a TPM (trusted platform module) on the physical machine implementing the host, (b) a requirement that a correct and trustworthy UEFI (unified extensible firmware interface) report be provided for the physical machine on which the host is implemented, (c) a requirement that a verifiable indication be provided that the host includes a correct HVCI (Hypervisor-enforced Code Integrity) policy validation, (d) a requirement that the host be located in a particular geographical location, and (e) a requirement that the host be coupled to a secure network. 15. The method of claim 13 , further comprising: the host preparing an encrypted message regarding security details of the deployment of the guest virtual machine, wherein the encrypted message is not able to be decrypted by the virtual machine manager, but able to be decrypted by the tenant; and the host sending the encrypted message to the virtual machine manager, where it can be forwarded on to the tenant without the virtual machine manager being able to read the encrypted message. 16. A computing system comprising a physical machine on which a host is implemented, the computing system comprising: one or more processors; and one or more storage media having stored computer-executable instructions which are executable by the one or more processors for causing the host to perform the following method of establishing a trust for the host, wherein the method includes: the host sending a verifiable indication of certain characteristics of the host to a host attestation service; and as a result of the host meeting certain requirements, as determined by the host attestation service evaluating the indication of certain characteristics, including at least meeting a requirement that the host contains a trusted execution environment (TEE), the host receiving from the host attestation service a certificate that the host can use to authenticate to one or more entities having a trust relationship to the host attestation service;