# AWS Nitro Enclaves
Links: [[AWS]], [[Confidential Computing]]
## [Resources](https://aws.amazon.com/ec2/nitro/nitro-enclaves/)
- [AWS Nitro Enclaves User Guide](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html)
- [Getting Started with Nitro Enclaves](https://youtu.be/t-XmYt2z5S8)
- [ACM for Nitro Enclaves](https://github.com/aws/aws-nitro-enclaves-acm)
- [AWS Nitro Enclaves CLI](https://github.com/aws/aws-nitro-enclaves-cli)
- [AWS Nitro Enclaves NSM API](https://github.com/aws/aws-nitro-enclaves-nsm-api)
- [AWS Nitro Enclaves SDK](https://github.com/aws/aws-nitro-enclaves-sdk-c)
- [Blog: AWS Nitro Enclaves – Isolated EC2 Environments to Process Confidential Data](https://aws.amazon.com/blogs/aws/aws-nitro-enclaves-isolated-ec2-environments-to-process-confidential-data/)
- [What's New: Nitro Enclaves](https://aws.amazon.com/about-aws/whats-new/2020/10/announcing-general-availability-of-aws-nitro-enclaves/)
- [What's New: ACM for Nitro Enclaves](https://aws.amazon.com/about-aws/whats-new/2020/10/announcing-aws-certificate-manager-for-nitro-enclaves/)
## [AWS Nitro Enclaves](https://aws.amazon.com/ec2/nitro/nitro-enclaves/) (product page)
AWS Nitro Enclaves enables customers to create isolated compute environments to further protect and securely process highly sensitive data such as personally identifiable information (PII), healthcare, financial, and intellectual property data within their Amazon EC2 instances. Nitro Enclaves uses the same Nitro Hypervisor technology that provides CPU and memory isolation for EC2 instances.
Nitro Enclaves helps customers reduce the attack surface area for their most sensitive data processing applications. Enclaves offers an isolated, hardened, and highly constrained environment to host security-critical applications. ==Nitro Enclaves includes cryptographic attestation for your software, so that you can be sure that only authorized code is running==, as well as integration with the AWS Key Management Service, so that only your enclaves can access sensitive material.
==There are no additional charges for using AWS Nitro Enclaves other than the use of Amazon EC2 instances and any other AWS services that are used with Nitro Enclaves.==
### How it works
![[Screen Shot 2022-02-13 at 5.58.15 PM.png]]
![[Screen Shot 2022-02-13 at 5.58.48 PM.png]]
### Benefits
**Additional isolation and security**
Enclaves are fully isolated virtual machines, hardened, and highly constrained. ==They have no persistent storage, no interactive access, and no external networking. Communication between your instance and your enclave is done using a secure local channel. Even a root user or an admin user on the instance will not be able to access or SSH into the enclave.==
==Nitro Enclaves uses the proven isolation of the Nitro Hypervisor to further isolate the CPU and memory of the enclave from users, applications, and libraries on the parent instance.== These features help isolate the enclave and your software, and significantly reduce the attack surface area.
==**Cryptographic attestation**==
Attestation allows you to verify the enclave’s identity and that only authorized code is running in your enclave. The attestation process is accomplished through the Nitro Hypervisor, which produces a signed attestation document for the enclave to prove its identity to another party or service. Attestation documents contain key details of the enclave such as the enclave's public key, hashes of the enclave image and applications, and more. Nitro Enclaves includes AWS KMS integration: KMS reads and verifies the attestation document that the enclave sends with a request, and releases key material only when the document's measurements satisfy the key policy.
**Flexible**
Nitro Enclaves are flexible. You can create enclaves with varying combinations of CPU cores and memory. This ensures you have sufficient resources to run the same memory or compute intensive applications that you were already running on your existing EC2 instances. Nitro Enclaves are processor agnostic, and can be used across instances powered by different CPU vendors. They are also compatible with any programming language or framework. Furthermore, because many components of Nitro Enclaves are open source, customers can even inspect the code and validate it themselves.
### How it works
![[Pasted image 20220216205525.png]]
***Figure 1:** Nitro Enclaves How It Works Process Flow*
![[Pasted image 20220216205551.png]]
***Figure 2:** Nitro Enclaves uses the same Nitro Hypervisor technology that creates the CPU and memory isolation among EC2 instances, to create the isolation between an Enclave and an EC2 instance.*
![[Pasted image 20220216205555.png]]
***Figure 3:** An enclave is created by partitioning the CPU and memory of an EC2 instance, called a parent instance. You can create enclaves with varying combinations of CPU cores and memory. Above is an example using m5.4xlarge split into a parent instance (14 vCPU, 32 GiB Memory) and Enclave (2 vCPU, 32 GiB Memory). Communication between the parent instance and the enclave is done via a secure local connection called vsock.*
## Cryptographic attestation
https://docs.aws.amazon.com/enclaves/latest/user/set-up-attestation.html
*An enclave's measurements include a series of hashes and platform configuration registers (PCRs) that are unique to the enclave. An enclave has six measurements:*
| PCR | Hash of ... | Description |
| ---- | ---------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| PCR0 | Enclave image file | A contiguous measure of the contents of the image file, without the section data. |
| PCR1 | Linux kernel and bootstrap | A contiguous measurement of the kernel and boot ramfs data. |
| PCR2 | Application | A contiguous, in-order measurement of the user applications, without the boot ramfs. |
| PCR3 | IAM role assigned to the parent instance | A contiguous measurement of the IAM role assigned to the parent instance. Ensures that the attestation process succeeds only when the parent instance has the correct IAM role. |
| PCR4 | Instance ID of the parent instance | A contiguous measurement of the ID of the parent instance. Ensures that the attestation process succeeds only when the parent instance has a specific instance ID. |
| PCR8 | Enclave image file signing certificate | A measure of the signing certificate specified for the enclave image file. Ensures that the attestation process succeeds only when the enclave was booted from an enclave image file signed by a specific certificate. |
PCR0 through PCR2 (and PCR8 for a signed image) are output when the enclave image file is built with `nitro-cli build-enclave`; PCR3 and PCR4 have to be computed from the parent instance's IAM role ARN and instance ID, because the build step knows nothing about where the image will run.
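The relying-party side of the table above and of the KMS integration described under "Cryptographic attestation", as an added example (my own code, not from the AWS documentation or any of the `aws-nitro-enclaves-*` repositories). It derives the PCR3/PCR4 values a policy should expect, compares a document's PCR map against the policy in constant time, treating a missing PCR as a failure, and emits the matching KMS key-policy condition using the `kms:RecipientAttestation:PCR<n>` condition keys. Assumptions: the PCR extend scheme (a fresh PCR is 48 zero bytes and PCR3/PCR4 are one extend of the ARN / instance ID string) mirrors what `nitro-cli` does and should be confirmed against `nitro-cli describe-enclaves` output; the role ARN, instance ID, and PCR0/1/2/8 values are constructed, not measured from a real image; and the COSE_Sign1 signature and certificate-chain verification of the document itself is assumed to have already happened and is not shown.

```python
"""Relying-party checks for a Nitro Enclaves attestation document (added example).

Takes the PCR map from an attestation document whose COSE_Sign1 signature and
certificate chain have ALREADY been verified (that step needs a CBOR/COSE
library plus the AWS Nitro root CA and is not shown here).
"""
import hashlib
import hmac

PCR_SIZE = 48  # every PCR is a SHA-384 digest

# Constructed sample values (hypothetical role ARN and instance ID).
ROLE_ARN = "arn:aws:iam::123456789012:role/EnclaveParentRole"
INSTANCE_ID = "i-0123456789abcdef0"


def pcr_extend(current: bytes, data: bytes) -> bytes:
    """One PCR extend step: new_pcr = SHA384(current || SHA384(data)).

    ASSUMPTION: mirrors nitro-cli's measurement scheme, where a fresh PCR is
    48 zero bytes and PCR3/PCR4 are a single extend of the role ARN /
    instance ID string. Confirm against `nitro-cli describe-enclaves` before
    pinning the derived values in a policy.
    """
    if len(current) != PCR_SIZE:
        raise ValueError("PCR must be 48 bytes")
    return hashlib.sha384(current + hashlib.sha384(data).digest()).digest()


def expected_pcr3(role_arn: str) -> bytes:
    """PCR3 a policy should expect when the parent instance has this IAM role."""
    return pcr_extend(bytes(PCR_SIZE), role_arn.encode("utf-8"))


def expected_pcr4(instance_id: str) -> bytes:
    """PCR4 a policy should expect when pinning to this specific parent instance."""
    return pcr_extend(bytes(PCR_SIZE), instance_id.encode("utf-8"))


def check_pcrs(doc_pcrs: dict, expected: dict) -> tuple:
    """Compare the PCR map from an attestation document with policy expectations.

    Every PCR the policy names must be present and equal; a missing PCR fails.
    PCRs the policy does not name are ignored, which is what lets a policy pin
    only the image (PCR0-2) without pinning the instance (PCR4).
    Returns (ok, list_of_problems).
    """
    problems = []
    for idx in sorted(expected):
        want = expected[idx]
        got = doc_pcrs.get(idx)
        if got is None:
            problems.append(f"PCR{idx}: missing from attestation document")
        elif not hmac.compare_digest(got, want):  # constant-time comparison
            problems.append(
                f"PCR{idx}: mismatch (got {got.hex()[:16]}..., want {want.hex()[:16]}...)"
            )
    return (not problems, problems)


def kms_policy_statement(principal_role_arn: str, expected: dict) -> dict:
    """Key-policy statement allowing kms:Decrypt only when the recipient
    attestation document carries exactly these PCR values (the condition
    keys take lowercase hex; KMS compares them case-insensitively)."""
    return {
        "Sid": "EnclaveDecryptOnly",
        "Effect": "Allow",
        "Principal": {"AWS": principal_role_arn},
        "Action": "kms:Decrypt",
        "Resource": "*",
        "Condition": {
            "StringEqualsIgnoreCase": {
                f"kms:RecipientAttestation:PCR{idx}": val.hex()
                for idx, val in sorted(expected.items())
            }
        },
    }


# Constructed stand-ins for the PCR0/1/2/8 values build-enclave prints for a real image.
FAKE_IMAGE_PCRS = {i: hashlib.sha384(f"constructed-pcr{i}".encode()).digest() for i in (0, 1, 2, 8)}

# A policy pinned to image + IAM role + one specific parent instance.
EXPECTED = {**FAKE_IMAGE_PCRS, 3: expected_pcr3(ROLE_ARN), 4: expected_pcr4(INSTANCE_ID)}

# Constructed PCR map as it would appear in a document from a matching enclave.
GOOD_DOC_PCRS = dict(EXPECTED)


def run_demo() -> dict:
    """Happy path plus two failure modes: wrong parent instance, absent PCR8."""
    other_instance = {**GOOD_DOC_PCRS, 4: expected_pcr4("i-0fedcba9876543210")}
    without_pcr8 = {k: v for k, v in GOOD_DOC_PCRS.items() if k != 8}
    return {
        "good": check_pcrs(GOOD_DOC_PCRS, EXPECTED),
        "wrong_instance": check_pcrs(other_instance, EXPECTED),
        "missing_pcr8": check_pcrs(without_pcr8, EXPECTED),
    }


if __name__ == "__main__":
    import json
    for name, (ok, problems) in run_demo().items():
        print(f"{name}: {'ALLOW' if ok else 'DENY'} {problems}")
    print(json.dumps(kms_policy_statement(ROLE_ARN, EXPECTED), indent=2))
```

Pinning PCR4 ties the key to a single instance ID, which is fine for a long-lived host but breaks on every replacement in an autoscaled fleet; most policies pin PCR0-2 (and PCR8 for a signed image) plus PCR3 for the role, and leave PCR4 out.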