AWS announces EC2 instance attestation
AWS announces the general availability of EC2 instance attestation to make it easier for customers to validate that only trusted software is running on their EC2 instances, including instances with AI chips and GPUs.
Before this launch, customers could configure an EC2 instance to remove operator access from their own administrators and users, but there was no way to prove that a given instance was actually running that configuration; anyone relying on it had to take it on trust rather than check it. With EC2 instance attestation, customers can cryptographically verify that an instance is running a trusted configuration and software stack.
EC2 instance attestation is powered by Nitro Trusted Platform Module (NitroTPM) and Attestable Amazon Machine Images (AMIs). Customers build an AMI that carries a cryptographic measurement covering all of that AMI's contents; this is the reference measurement. Using NitroTPM, customers can then check whether a target EC2 instance reports the same measurement as that reference: a match means the instance booted exactly the contents that were measured when the AMI was built, and a mismatch means it did not. EC2 instance attestation integrates with AWS Key Management Service (KMS), so customers can restrict key operations, such as decrypting a data key, to instances that pass specific attestation conditions.
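As an added illustration (not AWS code, and not NitroTPM's or Attestable AMIs' actual measurement format), the following Python models the comparison described above using the generic TPM PCR-extend operation: the hash of each boot component is folded into a register in order, the final register value is compared against a reference computed from the known-good image, and a stand-in policy check releases a key only when the attested value matches. The sample component list, the single-register model and the key_release_allowed function are assumptions made for this example.

```python
import hashlib
import hmac

PCR_SIZE = 32
PCR_INIT = bytes(PCR_SIZE)  # a TPM PCR starts as all zeros at power-on


def extend(pcr: bytes, component: bytes) -> bytes:
    """Standard TPM extend: PCR_new = H(PCR_old || H(component)).

    A PCR can only be extended, never written directly, so the final value
    commits to every component measured and to the order of measurement.
    """
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_image(components: list[bytes]) -> bytes:
    """Replay the boot measurements of an image and return the final PCR value.

    In the model this stands in for what the TPM records as the instance boots.
    """
    pcr = PCR_INIT
    for component in components:
        pcr = extend(pcr, component)
    return pcr


# Constructed sample image contents, in boot order (assumption for the example).
REFERENCE_IMAGE = [
    b"bootloader: example-boot 1.0",
    b"kernel: example-linux 6.1",
    b"rootfs: no ssh, no sudo, no serial console",
]
# The reference measurement is produced when the image is built, not at runtime.
REFERENCE_MEASUREMENT = measure_image(REFERENCE_IMAGE)


def attestation_passes(attested: bytes, reference: bytes = REFERENCE_MEASUREMENT) -> bool:
    """Verifier side: accept only if the attested value equals the reference.

    hmac.compare_digest is a constant-time byte comparison.
    """
    return hmac.compare_digest(attested, reference)


def key_release_allowed(attested: bytes, allowed_measurements: set[bytes]) -> bool:
    """Stand-in for a key-policy condition that gates a key operation on the
    attested measurement. Illustrative only; not KMS's real condition keys."""
    return any(hmac.compare_digest(attested, m) for m in allowed_measurements)


def verify_instance(instance_components: list[bytes]) -> dict:
    """End-to-end check: measure what the instance booted, compare it with the
    reference, and decide whether a key may be released to it."""
    attested = measure_image(instance_components)
    return {
        "attested": attested.hex(),
        "matches_reference": attestation_passes(attested),
        "key_released": key_release_allowed(attested, {REFERENCE_MEASUREMENT}),
    }


if __name__ == "__main__":
    print("unmodified image:", verify_instance(REFERENCE_IMAGE))
    # Same bootloader and kernel, but the root filesystem re-enabled SSH.
    tampered = REFERENCE_IMAGE[:-1] + [b"rootfs: ssh enabled"]
    print("tampered rootfs: ", verify_instance(tampered))
    # Same components measured in a different order also fail.
    print("reordered boot:  ", verify_instance(list(reversed(REFERENCE_IMAGE))))
```

Two properties of the model carry over to the real mechanism: the comparison is all-or-nothing, so any change to the measured contents produces a completely different value rather than a "close" one, and the reference must be regenerated whenever the image changes, which is why it is produced at image build time rather than derived from a running instance.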
EC2 instance attestation is available in all AWS Commercial Regions, including the AWS GovCloud (US) Regions.
To get started with EC2 instance attestation, see this user guide. To build an Amazon Linux 2023 Attested AMI, see this user guide.