diff --git a/roles/virtualization/tasks/vmware.yml b/roles/virtualization/tasks/vmware.yml
index 5b05f24..fd5c0a2 100644
--- a/roles/virtualization/tasks/vmware.yml
+++ b/roles/virtualization/tasks/vmware.yml
@@ -100,6 +100,17 @@
         name: "{{ hostname }}"
         state: present
       no_log: true
+      register: virtualization_vmware_tpm2_result
+
+    - name: Validate vTPM2 was added successfully
+      when:
+        - virtualization_tpm2_enabled | bool
+        - virtualization_vmware_tpm2_result is defined
+      ansible.builtin.assert:
+        that:
+          - virtualization_vmware_tpm2_result is not failed
+        fail_msg: "Failed to add vTPM2 to VM '{{ hostname }}'. LUKS with TPM2 requires a virtual TPM device."
+        quiet: true
 
     # vmware.vmware: modern collection for power operations
     - name: Start VM in vCenter