diff --git a/tools/packaging/kata-deploy/local-build/Makefile b/tools/packaging/kata-deploy/local-build/Makefile
index 7e007a227c..5282b68bae 100644
--- a/tools/packaging/kata-deploy/local-build/Makefile
+++ b/tools/packaging/kata-deploy/local-build/Makefile
@@ -134,6 +134,9 @@ qemu-snp-experimental-tarball:
 qemu-tarball:
 	${MAKE} $@-build
 
+boot-image-se-tarball: kernel-tarball rootfs-initrd-tarball
+	${MAKE} $@-build
+
 qemu-tdx-experimental-tarball:
 	${MAKE} $@-build
 
diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh
index 19653720ea..f01744c406 100755
--- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh
+++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh
@@ -119,6 +119,8 @@ docker run \
 	--env VIRTIOFSD_CONTAINER_BUILDER="${VIRTIOFSD_CONTAINER_BUILDER}" \
 	--env MEASURED_ROOTFS="${MEASURED_ROOTFS}" \
 	--env USE_CACHE="${USE_CACHE}" \
+	--env AA_KBC="${AA_KBC:-}" \
+	--env HKD_PATH="$(realpath "${HKD_PATH:-}" 2> /dev/null || true)" \
 	--env CROSS_BUILD="${CROSS_BUILD}" \
 	--env TARGET_ARCH="${TARGET_ARCH}" \
 	--env ARCH="${ARCH}" \
diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
index cb93fd1a15..0345f86fd2 100755
--- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
+++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
@@ -36,6 +36,7 @@ readonly virtiofsd_builder="${static_build_dir}/virtiofsd/build.sh"
 readonly nydus_builder="${static_build_dir}/nydus/build.sh"
 readonly rootfs_builder="${repo_root_dir}/tools/packaging/guest-image/build_image.sh"
 readonly tools_builder="${static_build_dir}/tools/build.sh"
+readonly se_image_builder="${repo_root_dir}/tools/packaging/guest-image/build_se_image.sh"
 
 ARCH=${ARCH:-$(uname -m)}
 MEASURED_ROOTFS=${MEASURED_ROOTFS:-no}
@@ -86,6 +87,7 @@ options:
 	agent
 	agent-opa
 	agent-ctl
+	boot-image-se
 	cloud-hypervisor
 	cloud-hypervisor-glibc
 	firecracker
@@ -259,6 +261,11 @@ install_initrd_sev() {
 	install_initrd "sev"
 }
 
+install_se_image() {
+	info "Create IBM SE image configured with AA_KBC=${AA_KBC}"
+	"${se_image_builder}" --destdir="${destdir}"
+}
+
 #Install kernel component helper
 install_cached_kernel_tarball_component() {
 	local kernel_name=${1}
@@ -779,6 +786,8 @@ handle_build() {
 	agent-opa) install_agent_opa ;;
 
 	agent-ctl) install_agent_ctl ;;
+	
+	boot-image-se) install_se_image ;;
 
 	cloud-hypervisor) install_clh ;;