Overview
AWS Nitro Enclaves (https://aws.amazon.com/ec2/nitro/nitro-enclaves/) is a new EC2 capability that enables customers to create isolated compute environments (enclaves) to further protect and securely process highly sensitive data such as personally identifiable information (PII), healthcare, financial, and intellectual property data within their Amazon EC2 (https://aws.amazon.com/ec2/) instances. Nitro Enclaves helps customers reduce the attack surface area for their most sensitive data processing applications.
The Nitro Enclaves Developer AMI contains the necessary tools and components to build enclave applications. It also contains samples, such as hello-enclave, vsock_sample and kmstool, that demonstrate how to use and develop your own enclave applications. Building enclave images is similar to building Docker containers and uses Docker definitions. To build from source the components that will be packaged in an enclave image, compilers and toolchains need to be installed separately.
Highlights
- Built on Amazon Linux 2. Includes samples that demonstrate how to use and develop enclave applications.
- The vsock sample shows basic vsock-based communication between an instance-side client and a server-side enclave, and vice versa.
- The kms example demonstrates how an enclave communicates with KMS and how enclave attestation integrates with KMS policies, so that a KMS message encrypted on the instance side can be decrypted inside the enclave.
Details
Typical total price
$0.34/hour
Pricing
Instance type | Product cost/hour | EC2 cost/hour | Total/hour |
---|---|---|---|
m5.xlarge | $0.00 | $0.192 | $0.192 |
m5.2xlarge | $0.00 | $0.384 | $0.384 |
m5.4xlarge | $0.00 | $0.768 | $0.768 |
m5.8xlarge | $0.00 | $1.536 | $1.536 |
m5.12xlarge | $0.00 | $2.304 | $2.304 |
m5.16xlarge | $0.00 | $3.072 | $3.072 |
m5.24xlarge | $0.00 | $4.608 | $4.608 |
m5a.xlarge | $0.00 | $0.172 | $0.172 |
m5a.2xlarge | $0.00 | $0.344 | $0.344 |
m5a.4xlarge | $0.00 | $0.688 | $0.688 |
Additional AWS infrastructure costs
Type | Cost |
---|---|
EBS General Purpose SSD (gp2) volumes | $0.10 per GB/month of provisioned storage |
Vendor refund policy
Nitro Enclaves Developer AMI is available at no additional cost. You pay only for the AWS resources that you create to run your application, such as EC2 instances.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Updated to Amazon Linux 2 version 2.0.20210427.0
Additional details
Usage instructions
To connect to the instance, use SSH and the username ec2-user. To set up the enclaves and run the samples, please see the linked documentation.
Support
Vendor support
Support is available through our technical FAQs, AWS forums, and AWS Premium Support.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Customer reviews
Whacky
This is perhaps one of the poorest documented AMIs I have ever seen. Take a guess and do a search, you'll need to do forensics to figure it out.