AWS Nitro Enclaves enables customers to create isolated compute environments to further protect and securely process highly sensitive data such as personally identifiable information (PII), healthcare, financial, and intellectual property data within their Amazon EC2 instances. Nitro Enclaves uses the same Nitro Hypervisor technology that provides CPU and memory isolation for EC2 instances.
Benefits
Independent kernel
AWS Nitro Enclaves has its own kernel that is separated from the parent instance’s kernel. The kernel of your parent instance has no access to the enclave.
No interactive access
AWS Nitro Enclaves does not accept inbound connections based on IAM credentials or root privileges. Applications that process sensitive data are embedded into the enclave.
Nitro Enclaves SDK
The Nitro Enclaves SDK is a set of open-source libraries for developing applications that can operate in an enclave. For more information, go to https://github.com/aws/aws-nitro-enclaves-sdk-c
Built-in integration with other AWS services like AWS Key Management Service (KMS) and AWS Certificate Manager (ACM)
Nitro Enclaves is integrated with AWS KMS, allowing you to decrypt files that have been encrypted using KMS inside the enclave. AWS Certificate Manager (ACM) for Nitro Enclaves allows you to use public and private SSL/TLS certificates with your web applications and servers running on Amazon EC2 instances with AWS Nitro Enclaves.
Cryptographic Attestation
Cryptographic attestation is a process used to prove the identity of an enclave and verify that only authorized code is running in your enclave. The attestation process is accomplished through the Nitro Hypervisor, which produces a signed attestation document that the enclave uses to prove its identity to a third party or service. Attestation documents contain key details of the enclave such as the enclave's public key, hashes of the enclave image and applications, and more.
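The relying-party side of the attestation described above, as an added example (not AWS code): a policy check over an attestation document that has already been decoded and whose signature and certificate chain are assumed to have been verified. The field names `pcrs`, `nonce`, `timestamp` and `public_key` follow the Nitro attestation document layout; `check_attestation`, `sample_doc` and all sample values are hypothetical and constructed for illustration.

```python
import hashlib
import hmac

PCR_LEN = 48  # PCR values are SHA-384 digests
EXPECTED_PCR0 = hashlib.sha384(b"constructed enclave image").digest()  # constructed
NONCE = b"constructed-nonce-01"                                        # constructed
NOW_MS = 1_700_000_000_000                                             # constructed clock


def check_attestation(doc, expected_pcr0, expected_nonce, now_ms, max_age_ms=300_000):
    """Return a list of policy violations; an empty list means acceptable.

    Assumption: the COSE signature and certificate chain were verified
    before this function is called. This only checks the document content.
    """
    problems = []
    pcr0 = (doc.get("pcrs") or {}).get(0, b"")
    if len(pcr0) != PCR_LEN:
        problems.append("pcr0-missing")
    elif pcr0 == bytes(PCR_LEN):
        # Enclaves started in debug mode report all-zero PCRs: never trust them.
        problems.append("pcr0-all-zero")
    elif not hmac.compare_digest(pcr0, expected_pcr0):
        problems.append("pcr0-mismatch")
    # The nonce binds the document to this request and blocks replay.
    if not hmac.compare_digest(doc.get("nonce") or b"", expected_nonce):
        problems.append("nonce-mismatch")
    ts = doc.get("timestamp")  # milliseconds since the Unix epoch
    if not isinstance(ts, int) or not 0 <= now_ms - ts <= max_age_ms:
        problems.append("stale-or-future-timestamp")
    # Without the enclave's public key there is nothing to encrypt a reply to.
    if not doc.get("public_key"):
        problems.append("no-public-key")
    return problems


def sample_doc(pcr0=EXPECTED_PCR0, nonce=NONCE, ts=NOW_MS - 1_000):
    """Build a constructed, already-decoded attestation document."""
    return {"pcrs": {0: pcr0}, "nonce": nonce, "timestamp": ts,
            "public_key": b"constructed-public-key"}


if __name__ == "__main__":
    for label, doc in [("good", sample_doc()),
                       ("debug", sample_doc(pcr0=bytes(PCR_LEN))),
                       ("replayed", sample_doc(nonce=b"old-nonce"))]:
        print(label, check_attestation(doc, EXPECTED_PCR0, NONCE, NOW_MS))
```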