I feel the need to disclaim that I have no actual experience using SEV. Also it looks like the attestation protocol may have been broken by attacking the PSP firmware? I have no idea what the current state of affairs is, particularly regarding the claimed firmware downgrade vulnerability.
https://arxiv.org/abs/1908.11680
https://berlin-crypto.github.io/event/amdsev.html