The AWS Nitro System is the foundation for our next generation of EC2 instances that enables AWS to innovate faster, further reduce cost for our customers, and deliver added benefits like increased security and new instance types.
AWS has completely re-imagined our virtualization infrastructure. Traditionally, hypervisors protect the physical hardware and BIOS, virtualize the CPU, storage, and networking, and provide a rich set of management capabilities. With the Nitro System, we are able to break apart those functions, offload them to dedicated hardware and software, and reduce costs by delivering practically all of the resources of a server to your instances.
Benefits
Faster innovation
The Nitro System is a rich collection of building blocks that can be assembled in many different ways, giving us the flexibility to design and rapidly deliver EC2 instance types with an ever-broadening selection of compute, storage, memory, and networking options. This innovation also leads to bare metal instances where customers can bring their own hypervisor or have no hypervisor.
Enhanced security
The Nitro System provides enhanced security that continuously monitors, protects, and verifies the instance hardware and firmware. Virtualization resources are offloaded to dedicated hardware and software, minimizing the attack surface. Finally, the Nitro System's security model is locked down and prohibits administrative access, eliminating the possibility of human error and tampering.
Better performance and price
The Nitro System delivers practically all of the compute and memory resources of the host hardware to your instances, resulting in better overall performance. Additionally, dedicated Nitro Cards enable high speed networking, high speed EBS, and I/O acceleration. Not having to hold back resources for management software means more savings that can be passed on to the customer.
Support for previous generation instances
AWS Nitro System supports previous generation EC2 instances to extend the length of service beyond the typical lifetime of underlying hardware. The AWS Nitro System provides modern hardware and software components for EC2 instances, allowing customers to continue running their workloads on the instance families they were built on.
The Nitro Cards are a family of cards that offload and accelerate I/O for functions, ultimately increasing overall system performance. Key cards include Nitro Card for VPC, Nitro Card for EBS, Nitro Card for Instance Storage, Nitro Card Controller, and Nitro Security Chip.
Nitro Security Chip
The Nitro Security Chip enables the most secure cloud platform with a minimized attack surface, as virtualization and security functions are offloaded to dedicated hardware and software. Additionally, a locked down security model prohibits all administrative access, including that of Amazon employees, eliminating the possibility of human error and tampering.
Nitro Hypervisor
The Nitro Hypervisor is a lightweight hypervisor that manages memory and CPU allocation and delivers performance that is indistinguishable from bare metal.
AWS Nitro Enclaves
AWS Nitro Enclaves enables customers to create isolated compute environments to further protect and securely process highly sensitive data such as personally identifiable information (PII), healthcare, financial, and intellectual property data within their Amazon EC2 instances. Nitro Enclaves uses the same Nitro Hypervisor technology that provides CPU and memory isolation for EC2 instances.
NitroTPM, a Trusted Platform Module (TPM) 2.0, is a security and compatibility feature that makes it easier for customers to use applications and operating system capabilities that depend on TPMs in their EC2 instances. It conforms to the TPM 2.0 specification, which makes it easy to migrate existing on-premises workloads that use TPM functionalities to EC2. NitroTPM provides a secure cryptographic offload using the AWS Nitro System, and allows EC2 instances to generate, store, and use keys without having access to the keys themselves. NitroTPM can also provide a cryptographic proof of your instances' integrity via TPM attestation mechanisms.