diff --git a/docs/vm/create-vm.md b/docs/vm/create-vm.md index e44fa4d2767..ac5769ef959 100644 --- a/docs/vm/create-vm.md +++ b/docs/vm/create-vm.md @@ -157,6 +157,21 @@ If your OS is openSUSE and the version is less than 15.3, please replace `qemu-g ::: +### TPM Device + +_Available as of v1.2.0_ + +[Trusted Platform Module (TPM)](https://en.wikipedia.org/wiki/Trusted_Platform_Module) is a cryptoprocessor that secures hardware using cryptographic keys. + +According to [Windows 11 Requirements](https://learn.microsoft.com/en-us/windows/whats-new/windows-11-requirements), the TPM device is a hard requirement of Windows 11. + +In the Harvester UI, you can add an emulated TPM to a VM by checking the `Enable TPM` box in the **Advanced Options** tab. + +:::note + +Currently, only non-persistent vTPMs are supported, and their state is erased after each VM shutdown. Therefore, [Bitlocker](https://learn.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-overview) should not be enabled. + +::: ## One-time Boot For ISO Installation diff --git a/docs/vm/create-windows-vm.md b/docs/vm/create-windows-vm.md index c0d6b12a940..ef9a54780a3 100644 --- a/docs/vm/create-windows-vm.md +++ b/docs/vm/create-windows-vm.md 
@@ -103,6 +103,13 @@ Changing the `Node Scheduling` settings can impact Harvester features, such as d 2. `Machine Type`: The value `None` is set by default. It's recommended you don't change it. See the [KubeVirt Machine Type](https://kubevirt.io/user-guide/virtual_machines/virtual_hardware/#machine-type) documentation before you change this value. 3. (Optional) `Hostname`: Set the VM hostname. 4. (Optional) `Cloud Config`: Both `User Data` and `Network Data` values are set with default values. Currently, these configurations are not applied to Windows-based VMs. +5. (Optional) `Enable TPM`, `Booting in EFI mode`, `Secure Boot`: Both the TPM device and UEFI firmware with SecureBoot are hard requirements for Windows 11. + +:::note + +Currently, only non-persistent vTPMs are supported, and their state is erased after each VM shutdown. Therefore, [Bitlocker](https://learn.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-overview) should not be enabled. + +::: ![create-windows-vm-advanced](/img/v1.2/vm/create-windows-vm-advanced.png)
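Review bot: In the first hunk (docs/vm/create-vm.md), the `:::note` closing the new `### TPM Device` section says BitLocker "should not be enabled" but never states the consequence, and the product name is spelled `Bitlocker`. The note already says the vTPM state is erased after each VM shutdown, so spell out what follows: anything sealed to the vTPM, including a BitLocker TPM key protector, can no longer be unsealed on the next boot, and the volume falls back to recovery. The opening sentence "a cryptoprocessor that secures hardware using cryptographic keys" also reads as a description of a physical TPM. Since the section goes on to say the device is emulated, consider stating that up front so readers do not assume hardware-backed key protection.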
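Review bot: In the second hunk (docs/vm/create-windows-vm.md), new list item 5 is labelled `(Optional)` while the same sentence calls the TPM device and UEFI firmware with Secure Boot "hard requirements for Windows 11", which leaves the reader unsure whether to tick the boxes. Suggest wording it as optional in general but required when the guest is Windows 11. The item also starts with "Both" although it names three checkboxes, and spells `Secure Boot` and `SecureBoot` two ways on one line. The `:::note` block is a verbatim copy of the one added to create-vm.md (including the `Bitlocker` spelling). Linking to the `TPM Device` section there would avoid the two copies drifting apart.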