OK thanks, I’ll report this to Proxmox to see whether they want to add this in a future release.
I expect that they might say that it’s overkill for KVM, because KVM is already its own container and apparmor isn’t as necessary as it is for LXC—except in the case where there is a bug in KVM which enables the user to escalate their privileges and break out of their machine to inspect the host’s filesystem or memory.
Is this accurate, or is there an additional reason to have apparmor?