diff --git a/Makefile b/Makefile
index 1fe7f4e..93a9914 100644
--- a/Makefile
+++ b/Makefile
@@ -40,6 +40,7 @@ plugin-protos := \
 proto/spire/plugin/agent/nodeattestor/v1/nodeattestor.proto \
 proto/spire/plugin/agent/svidstore/v1/svidstore.proto \
 proto/spire/plugin/agent/workloadattestor/v1/workloadattestor.proto \
+ proto/spire/plugin/agent/workloadattestor/v2/workloadattestor.proto \
 proto/spire/plugin/server/bundlepublisher/v1/bundlepublisher.proto \
 proto/spire/plugin/server/credentialcomposer/v1/credentialcomposer.proto \
 proto/spire/plugin/server/keymanager/v1/keymanager.proto \
diff --git a/proto/spire/plugin/agent/workloadattestor/v2/workloadattestor.pb.go b/proto/spire/plugin/agent/workloadattestor/v2/workloadattestor.pb.go
new file mode 100644
index 0000000..0675ea6
--- /dev/null
+++ b/proto/spire/plugin/agent/workloadattestor/v2/workloadattestor.pb.go
@@ -0,0 +1,179 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.36.6 +// protoc v6.30.2 +// source: spire/plugin/agent/workloadattestor/v2/workloadattestor.proto + +package v2 + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + anypb "google.golang.org/protobuf/types/known/anypb" + reflect "reflect" + sync "sync" + unsafe "unsafe" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type AttestReferenceRequest struct { + state protoimpl.MessageState `protogen:"open.v1"` + // Required. Reference to the workload to be attested. + Reference *anypb.Any `protobuf:"bytes,1,opt,name=reference,proto3" json:"reference,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *AttestReferenceRequest) Reset() { + *x = AttestReferenceRequest{} + mi := &file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AttestReferenceRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AttestReferenceRequest) ProtoMessage() {} + +func (x *AttestReferenceRequest) ProtoReflect() protoreflect.Message { + mi := &file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_msgTypes[0] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AttestReferenceRequest.ProtoReflect.Descriptor instead. 
+func (*AttestReferenceRequest) Descriptor() ([]byte, []int) { + return file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_rawDescGZIP(), []int{0} +} + +func (x *AttestReferenceRequest) GetReference() *anypb.Any { + if x != nil { + return x.Reference + } + return nil +} + +type AttestReferenceResponse struct { + state protoimpl.MessageState `protogen:"open.v1"` + // Optional. Selector values related to the attested workload. The type + // of the selector is inferred from the plugin name. + SelectorValues []string `protobuf:"bytes,1,rep,name=selector_values,json=selectorValues,proto3" json:"selector_values,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *AttestReferenceResponse) Reset() { + *x = AttestReferenceResponse{} + mi := &file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AttestReferenceResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AttestReferenceResponse) ProtoMessage() {} + +func (x *AttestReferenceResponse) ProtoReflect() protoreflect.Message { + mi := &file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_msgTypes[1] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AttestReferenceResponse.ProtoReflect.Descriptor instead. 
+func (*AttestReferenceResponse) Descriptor() ([]byte, []int) { + return file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_rawDescGZIP(), []int{1} +} + +func (x *AttestReferenceResponse) GetSelectorValues() []string { + if x != nil { + return x.SelectorValues + } + return nil +} + +var File_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto protoreflect.FileDescriptor + +const file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_rawDesc = "" + + "\n" + + "=spire/plugin/agent/workloadattestor/v2/workloadattestor.proto\x12&spire.plugin.agent.workloadattestor.v2\x1a\x19google/protobuf/any.proto\"L\n" + + "\x16AttestReferenceRequest\x122\n" + + "\treference\x18\x01 \x01(\v2\x14.google.protobuf.AnyR\treference\"B\n" + + "\x17AttestReferenceResponse\x12'\n" + + "\x0fselector_values\x18\x01 \x03(\tR\x0eselectorValues2\xa7\x01\n" + + "\x10WorkloadAttestor\x12\x92\x01\n" + + "\x0fAttestReference\x12>.spire.plugin.agent.workloadattestor.v2.AttestReferenceRequest\x1a?.spire.plugin.agent.workloadattestor.v2.AttestReferenceResponseBQZOgithub.com/spiffe/spire-plugin-sdk/proto/spire/plugin/agent/workloadattestor/v2b\x06proto3" + +var ( + file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_rawDescOnce sync.Once + file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_rawDescData []byte +) + +func file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_rawDescGZIP() []byte { + file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_rawDescOnce.Do(func() { + file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_rawDescData = protoimpl.X.CompressGZIP(unsafe.Slice(unsafe.StringData(file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_rawDesc), len(file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_rawDesc))) + }) + return file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_rawDescData +} + +var 
file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_msgTypes = make([]protoimpl.MessageInfo, 2) +var file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_goTypes = []any{ + (*AttestReferenceRequest)(nil), // 0: spire.plugin.agent.workloadattestor.v2.AttestReferenceRequest + (*AttestReferenceResponse)(nil), // 1: spire.plugin.agent.workloadattestor.v2.AttestReferenceResponse + (*anypb.Any)(nil), // 2: google.protobuf.Any +} +var file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_depIdxs = []int32{ + 2, // 0: spire.plugin.agent.workloadattestor.v2.AttestReferenceRequest.reference:type_name -> google.protobuf.Any + 0, // 1: spire.plugin.agent.workloadattestor.v2.WorkloadAttestor.AttestReference:input_type -> spire.plugin.agent.workloadattestor.v2.AttestReferenceRequest + 1, // 2: spire.plugin.agent.workloadattestor.v2.WorkloadAttestor.AttestReference:output_type -> spire.plugin.agent.workloadattestor.v2.AttestReferenceResponse + 2, // [2:3] is the sub-list for method output_type + 1, // [1:2] is the sub-list for method input_type + 1, // [1:1] is the sub-list for extension type_name + 1, // [1:1] is the sub-list for extension extendee + 0, // [0:1] is the sub-list for field type_name +} + +func init() { file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_init() } +func file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_init() { + if File_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto != nil { + return + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: unsafe.Slice(unsafe.StringData(file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_rawDesc), len(file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_rawDesc)), + NumEnums: 0, + NumMessages: 2, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: 
file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_goTypes, + DependencyIndexes: file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_depIdxs, + MessageInfos: file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_msgTypes, + }.Build() + File_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto = out.File + file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_goTypes = nil + file_spire_plugin_agent_workloadattestor_v2_workloadattestor_proto_depIdxs = nil +}
diff --git a/proto/spire/plugin/agent/workloadattestor/v2/workloadattestor.proto b/proto/spire/plugin/agent/workloadattestor/v2/workloadattestor.proto
new file mode 100644
index 0000000..65ca80c
--- /dev/null
+++ b/proto/spire/plugin/agent/workloadattestor/v2/workloadattestor.proto
@@ -0,0 +1,20 @@
+syntax = "proto3";
+package spire.plugin.agent.workloadattestor.v2;
+option go_package = "github.com/spiffe/spire-plugin-sdk/proto/spire/plugin/agent/workloadattestor/v2";
+
+import "google/protobuf/any.proto";
+
+service WorkloadAttestor {
+ rpc AttestReference(AttestReferenceRequest) returns (AttestReferenceResponse);
+}
+
+message AttestReferenceRequest {
+ // Required. Reference to the workload to be attested.
+ google.protobuf.Any reference = 1;
+}
+
+message AttestReferenceResponse {
+ // Optional. Selector values related to the attested workload. The type
+ // of the selector is inferred from the plugin name.
+ repeated string selector_values = 1;
+}
diff --git a/proto/spire/plugin/agent/workloadattestor/v2/workloadattestor_grpc.pb.go b/proto/spire/plugin/agent/workloadattestor/v2/workloadattestor_grpc.pb.go
new file mode 100644
index 0000000..740e02b
--- /dev/null
+++ b/proto/spire/plugin/agent/workloadattestor/v2/workloadattestor_grpc.pb.go
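Review bot: `reference` in `AttestReferenceRequest` is declared as `google.protobuf.Any` with only "Required" as documentation, so the schema does not tell a plugin author which type URLs to expect or what to do when the Any carries a type the plugin does not understand. Because this field is the only input that decides which selectors are emitted, each implementation has to check the type URL before unpacking, and the .proto is the place to state that contract rather than leaving it implicit. I would extend the field comment to: `// Required. Reference to the workload to be attested. Plugins must check the type URL before unpacking and must not emit selectors for a reference type they do not recognize.` The `service WorkloadAttestor` block and the `AttestReference` rpc also carry no doc comment; a one-line description of the RPC, including whether an unrecognized reference is an error or an empty response, would help independent implementations converge on the same behavior.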
@@ -0,0 +1,121 @@ +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. +// versions: +// - protoc-gen-go-grpc v1.5.1 +// - protoc v6.30.2 +// source: spire/plugin/agent/workloadattestor/v2/workloadattestor.proto + +package v2 + +import ( + context "context" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +// Requires gRPC-Go v1.64.0 or later. +const _ = grpc.SupportPackageIsVersion9 + +const ( + WorkloadAttestor_AttestReference_FullMethodName = "/spire.plugin.agent.workloadattestor.v2.WorkloadAttestor/AttestReference" +) + +// WorkloadAttestorClient is the client API for WorkloadAttestor service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type WorkloadAttestorClient interface { + AttestReference(ctx context.Context, in *AttestReferenceRequest, opts ...grpc.CallOption) (*AttestReferenceResponse, error) +} + +type workloadAttestorClient struct { + cc grpc.ClientConnInterface +} + +func NewWorkloadAttestorClient(cc grpc.ClientConnInterface) WorkloadAttestorClient { + return &workloadAttestorClient{cc} +} + +func (c *workloadAttestorClient) AttestReference(ctx context.Context, in *AttestReferenceRequest, opts ...grpc.CallOption) (*AttestReferenceResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(AttestReferenceResponse) + err := c.cc.Invoke(ctx, WorkloadAttestor_AttestReference_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +// WorkloadAttestorServer is the server API for WorkloadAttestor service. +// All implementations must embed UnimplementedWorkloadAttestorServer +// for forward compatibility. 
+type WorkloadAttestorServer interface { + AttestReference(context.Context, *AttestReferenceRequest) (*AttestReferenceResponse, error) + mustEmbedUnimplementedWorkloadAttestorServer() +} + +// UnimplementedWorkloadAttestorServer must be embedded to have +// forward compatible implementations. +// +// NOTE: this should be embedded by value instead of pointer to avoid a nil +// pointer dereference when methods are called. +type UnimplementedWorkloadAttestorServer struct{} + +func (UnimplementedWorkloadAttestorServer) AttestReference(context.Context, *AttestReferenceRequest) (*AttestReferenceResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method AttestReference not implemented") +} +func (UnimplementedWorkloadAttestorServer) mustEmbedUnimplementedWorkloadAttestorServer() {} +func (UnimplementedWorkloadAttestorServer) testEmbeddedByValue() {} + +// UnsafeWorkloadAttestorServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to WorkloadAttestorServer will +// result in compilation errors. +type UnsafeWorkloadAttestorServer interface { + mustEmbedUnimplementedWorkloadAttestorServer() +} + +func RegisterWorkloadAttestorServer(s grpc.ServiceRegistrar, srv WorkloadAttestorServer) { + // If the following call pancis, it indicates UnimplementedWorkloadAttestorServer was + // embedded by pointer and is nil. This will cause panics if an + // unimplemented method is ever invoked, so we test this at initialization + // time to prevent it from happening at runtime later due to I/O. 
+ if t, ok := srv.(interface{ testEmbeddedByValue() }); ok { + t.testEmbeddedByValue() + } + s.RegisterService(&WorkloadAttestor_ServiceDesc, srv) +} + +func _WorkloadAttestor_AttestReference_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(AttestReferenceRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(WorkloadAttestorServer).AttestReference(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: WorkloadAttestor_AttestReference_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(WorkloadAttestorServer).AttestReference(ctx, req.(*AttestReferenceRequest)) + } + return interceptor(ctx, in, info, handler) +} + +// WorkloadAttestor_ServiceDesc is the grpc.ServiceDesc for WorkloadAttestor service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var WorkloadAttestor_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "spire.plugin.agent.workloadattestor.v2.WorkloadAttestor", + HandlerType: (*WorkloadAttestorServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "AttestReference", + Handler: _WorkloadAttestor_AttestReference_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "spire/plugin/agent/workloadattestor/v2/workloadattestor.proto", +} diff --git a/proto/spire/plugin/agent/workloadattestor/v2/workloadattestor_spire_plugin.pb.go b/proto/spire/plugin/agent/workloadattestor/v2/workloadattestor_spire_plugin.pb.go new file mode 100644 index 0000000..8c36c06 --- /dev/null +++ b/proto/spire/plugin/agent/workloadattestor/v2/workloadattestor_spire_plugin.pb.go 
@@ -0,0 +1,50 @@ +// Code generated by protoc-gen-go-spire. DO NOT EDIT. + +package v2 + +import ( + pluginsdk "github.com/spiffe/spire-plugin-sdk/pluginsdk" + grpc "google.golang.org/grpc" +) + +func WorkloadAttestorPluginServer(server WorkloadAttestorServer) pluginsdk.PluginServer { + return workloadAttestorPluginServer{WorkloadAttestorServer: server} +} + +type workloadAttestorPluginServer struct { + WorkloadAttestorServer +} + +func (s workloadAttestorPluginServer) Type() string { + return "WorkloadAttestor" +} + +func (s workloadAttestorPluginServer) GRPCServiceName() string { + return "spire.plugin.agent.workloadattestor.v2.WorkloadAttestor" +} + +func (s workloadAttestorPluginServer) RegisterServer(server *grpc.Server) interface{} { + RegisterWorkloadAttestorServer(server, s.WorkloadAttestorServer) + return s.WorkloadAttestorServer +} + +type WorkloadAttestorPluginClient struct { + WorkloadAttestorClient +} + +func (s WorkloadAttestorPluginClient) Type() string { + return "WorkloadAttestor" +} + +func (c *WorkloadAttestorPluginClient) IsInitialized() bool { + return c.WorkloadAttestorClient != nil +} + +func (c *WorkloadAttestorPluginClient) GRPCServiceName() string { + return "spire.plugin.agent.workloadattestor.v2.WorkloadAttestor" +} + +func (c *WorkloadAttestorPluginClient) InitClient(conn grpc.ClientConnInterface) interface{} { + c.WorkloadAttestorClient = NewWorkloadAttestorClient(conn) + return c.WorkloadAttestorClient +}