Q. I'm receiving an IOMMU not required error trying to use Shielded VMs.

A. Shielded VMs using TPM attestation rely on an attestation policy that defines the required Hyper-V host configuration. IOMMU is a requirement when Credential Guard is used on a Hyper-V host, per https://technet.microsoft.com/en-us/itpro/windows/keep-secure/credential-guard. If you are receiving an IOMMU-related error in Microsoft-Windows-HostGuardianService-Client/Operational while trying to attest a Hyper-V host to run shielded VMs, it is likely that you have configured the host to require Credential Guard when Credential Guard is not part of the code integrity policy.

Run Get-ComputerInfo and view the DeviceGuardRequiredSecurityProperties and DeviceGuardAvailableSecurityProperties values, e.g.

DeviceGuardRequiredSecurityProperties : {BaseVirtualizationSupport, SecureBoot}
DeviceGuardAvailableSecurityProperties : {BaseVirtualizationSupport, SecureBoot, DMAProtection}

In this example IOMMU (DMAProtection) is not required, so ensure the host's Device Guard policy does not require Credential Guard, e.g.:

  1. Open gpedit.msc
  2. Navigate to Computer Configuration - Administrative Templates - System - Device Guard
  3. Double click Turn on Virtualization Based Security
  4. Ensure the Virtualization Based Protection of Code Integrity is set to Enabled without lock
  5. Set Credential Guard Configuration to Not Configured and click OK
  6. Reboot

Note that this change is needed only because the attestation policy did NOT require Credential Guard. The point is that the host's configuration must match whatever the attestation policy specifies.
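As an added example (not part of the original answer), the following PowerShell compares the Device Guard state that Get-ComputerInfo reports against what the attestation policy expects, flags Credential Guard being configured when the policy does not call for it, and pulls recent errors from the HGS client log named above. The function name, its parameters, and the default assumption that the policy only requires BaseVirtualizationSupport and SecureBoot are mine; adjust them to your own policy.

```powershell
# Added example: check a Hyper-V host's Device Guard configuration against the
# attestation policy. Parameter names and defaults are assumptions for this
# illustration, not values from the HGS policy itself.
function Test-HgsHostDeviceGuardState {
    param(
        [bool]$PolicyRequiresCredentialGuard = $false,
        [string[]]$PolicyRequiredProperties = @('BaseVirtualizationSupport', 'SecureBoot')
    )
    $ci = Get-ComputerInfo -Property 'DeviceGuard*'
    # Enum values are stringified so they can be compared with plain names.
    $required   = @($ci.DeviceGuardRequiredSecurityProperties  | ForEach-Object { "$_" })
    $available  = @($ci.DeviceGuardAvailableSecurityProperties | ForEach-Object { "$_" })
    $configured = @($ci.DeviceGuardSecurityServicesConfigured  | ForEach-Object { "$_" })
    $findings = @()

    # 1. Whatever the host's own policy requires must be offered by the platform.
    foreach ($p in $required) {
        if ($available -notcontains $p) { $findings += "Host requires $p but the platform does not offer it" }
    }
    # 2. Credential Guard configured on the host implies IOMMU (DMAProtection) is
    #    needed; if the attestation policy does not ask for it, the host is
    #    over-configured relative to the policy.
    if (($configured -contains 'CredentialGuard') -and -not $PolicyRequiresCredentialGuard) {
        $findings += 'Credential Guard is configured but the attestation policy does not require it; set Credential Guard Configuration to Not Configured'
    }
    # 3. The host must also satisfy everything the attestation policy names.
    foreach ($p in $PolicyRequiredProperties) {
        if ($available -notcontains $p) { $findings += "Attestation policy requires $p but the platform does not offer it" }
    }
    # 4. Surface recent attestation errors from the HGS client operational log.
    $errors = Get-WinEvent -LogName 'Microsoft-Windows-HostGuardianService-Client/Operational' -MaxEvents 50 -ErrorAction SilentlyContinue |
        Where-Object { $_.LevelDisplayName -eq 'Error' } |
        Select-Object -First 5 TimeCreated, Id, Message

    [pscustomobject]@{
        Required     = $required
        Available    = $available
        Configured   = $configured
        Findings     = $findings
        RecentErrors = $errors
    }
}

# Run on the Hyper-V host (elevated) to see the mismatches before re-attesting.
Test-HgsHostDeviceGuardState -PolicyRequiresCredentialGuard:$false | Format-List
```

An empty Findings list means the host's Device Guard configuration is consistent with the policy assumptions you passed in; any entry tells you which side (host or policy) to adjust.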