General

What is AWS Nitro Enclaves?

AWS Nitro Enclaves is an EC2 capability that allows you to create isolated execution environments within EC2 instances. Nitro Enclaves helps customers reduce the attack surface area for their most sensitive data processing applications. Nitro Enclaves offers an isolated, hardened, and highly constrained environment to host security-critical applications. This isolated execution environment, known as an enclave, allows you to protect your sensitive data when it is in use from applications, processes, or users that are external to the enclave.

What is an enclave?

Enclaves are separate virtual machines, hardened, and highly constrained. They have no persistent storage, no interactive access, and no external networking. Nitro Enclaves uses the Nitro Hypervisor to further isolate the CPU and memory of the enclave from users, applications, and libraries on the parent EC2 instance.

Why should I use Nitro Enclaves?

You should use Nitro Enclaves because it makes it easier to set up and manage isolated compute environments in EC2 to process your highly sensitive data. Nitro Enclaves allows you to create enclaves that are virtual machines attached to EC2 instances that come with no persistent storage, no interactive access, and no external networking. Communication between your instance and your enclave is done using a secure local channel.

When should I use Nitro Enclaves?

You should use Nitro Enclaves when you are processing highly sensitive data and you want to isolate that processing from users, applications, and libraries that have access to your EC2 instances. With Nitro Enclaves, you can develop and run any processing workloads to cater to use cases like personally identifiable information (PII), healthcare data, private keys, proprietary code and algorithms, multi-party computation, and more.

How do I get started with Nitro Enclaves?

The quickest way to get started with Nitro Enclaves is to go through the Hello Enclave getting started example.

What is memory and CPU isolation?

Memory and CPU isolation prevents the users, applications, and libraries on the parent EC2 instance from directly accessing the memory and CPU cores of the enclave. The enclave runs as a separate virtual machine to the EC2 instance that is used to create it.

Does Nitro Enclaves utilize CPU-based technologies?

Nitro Enclaves utilizes proven CPU-based technology for execution isolation, combined with the unique design of the Nitro System and a root of trust based in AWS designed silicon.

How does Nitro Enclaves provide the memory and CPU isolation?

The Nitro Hypervisor is designed by AWS to partition the physical resources of a server and, unlike other virtualization technology, does not implement general-purpose administrative capabilities that are not needed in our cloud infrastructure. Nitro Enclaves extends the isolation capabilities of the Nitro Hypervisor to further protect information that resides in the CPU and memory resources that are allocated to provision an enclave.

Which instance types are supported?

Nitro Enclaves is currently supported across a wide range of our virtualized Nitro System-based EC2 instances. Nitro Enclaves is not currently available on bare metal instances, burstable instance types (e.g. T3), Graviton-based instances, and any instances with only 1 CPU core.

What is cryptographic attestation?

Cryptographic attestation is a process used to prove the identity of an enclave and verify that only authorized code is running your enclave. The attestation process is accomplished through the Nitro Hypervisor, which produces a signed attestation document for the enclave to prove its identity to another party or service. Attestation documents contain details of the enclave such as the enclave's public key, hashes of the enclave image and applications, and more. Nitro Enclaves includes AWS KMS integration, where KMS is able to read and verify these attestation documents sent from the enclave before re-encrypting data to an enclave-specific private key.

How many enclaves can I create from one instance?

You can create one enclave per instance.

Billing

How will I be charged and billed for my use of AWS Nitro Enclaves?

There are no additional charges for using AWS Nitro Enclaves. You will be charged for the use of Amazon EC2 instances and any other AWS services that are used with Nitro Enclaves.

Enclave Development

What are enclave applications?

Enclave applications, like ACM for Nitro Enclaves , are complete end-to-end applications that you can use with Nitro Enclaves. Enclave applications contains the application (in .eif format) that runs in the enclave, and applications that run on the parent instance that are required to interact with the enclave. Enclave applications provide you with an easy way to get started with Nitro Enclaves without having to refactor existing applications to run in an isolated, hardened, and highly constrained environment.

What is vsock and how do I use it to communicate with an enclave?

Vsock is a type of socket interface that is defined by a context ID (CID) and port number. The context ID is parallel to an IP address in a TCP/IP connection. Vsock utilizes standard, well-defined POSIX Sockets APIs (e.g. connect, listen, accept) to communicate with an enclave. Applications can use these APIs to communicate natively over vsock or they can send HTTP requests over vsock through a proxy. The Nitro Enclaves SDK includes examples on how you can program your application to send HTTP requests to your enclave.

What is the root of trust for the attestation document and how can I verify it?

The root of trust is the Nitro Enclaves Regional Private Certificate Authority (CA). You can retrieve its certificate from a list of S3 buckets listed on aws.amazon.com/ec2/nitro/nitro-enclaves/root-ca. The attestation document generated by the enclave is signed by the Nitro Hypervisor, which in turn is signed by the Infrastructure CA, which is then signed by the Regional Private CA, establishing the chain of trust.

Can I use my own key management service or 3rd party service with Nitro Enclaves?

Yes, you can use your own key management service or another 3rd party. To do that, you will need to build an attestation process or service to be able to validate the signed attestation documents generated by your enclave.

Enclave Application: ACM for Nitro Enclaves

What is ACM for Nitro Enclaves?

ACM for Nitro Enclaves is an enclave application that allows you to use public and private SSL/TLS certificates from AWS Certificate Manager (ACM) with your web applications and servers running on Amazon EC2 instances with AWS Nitro Enclaves.

Why should I use ACM for Nitro Enclaves?

AWS Certificate Manager (ACM) for Nitro Enclaves allows you to use public and private SSL/TLS certificates with your web applications and servers running on Amazon EC2 instances with AWS Nitro Enclaves. SSL/TLS certificates are used to secure network communications and establish the identity of websites over the Internet as well as resources on private networks. Nitro Enclaves is an EC2 capability that enables creation of isolated compute environments to further protect and securely process highly sensitive data, such as SSL/TLS private keys.

ACM removes the time-consuming manual process of purchasing, uploading, and renewing SSL/TLS certificates. ACM takes care of creating secure private keys, distributing the certificate and its private key to your enclave, and managing certificate renewals. ACM for Nitro Enclaves is an enclave application that works with web applications and servers running on your Amazon EC2 instance to install the certificate and seamlessly replace expiring certificates. With Nitro Enclaves, the certificate's private key remains isolated in the enclave, preventing the instance from viewing the private key.

Can I view or export the private key of the certificate out of the enclave?

No, the ACM for Nitro Enclaves does not allow you or any users to view or export the private key of the certificate.

Which web applications and servers is ACM for Nitro Enclaves compatible with?

ACM for Nitro Enclaves is fully integrated and compatible with NGINX 1.18 and above.

Which ACM certificates is ACM for Nitro Enclaves compatible with?

ACM for Nitro Enclaves supports both public and private SSL/TLS certificates issued through ACM, as well as third-party certificates imported into ACM. ACM does not manage renewals for imported certificates. Customers are responsible for renewing the certificates they import into ACM.

What is cost of using ACM for Nitro Enclaves?

There is no additional cost to using ACM for Nitro Enclaves. Public SSL/TLS certificates that you provision through ACM for Nitro Enclaves are available at no cost. You pay only for the AWS resources that you create to run your application, such as EC2 instances.

How do I get started with ACM for Nitro Enclaves?

To get started, go to the ACM for Nitro Enclaves user guide

Product-Page_Standard-Icons_01_Product-Features_SqInk
Learn more about features

Visit the AWS Nitro Enclaves features page.

Learn more 
Product-Page_Standard-Icons_02_Sign-Up_SqInk
Sign up for a free account

Instantly get access to the AWS Free Tier. 

Sign up 
Product-Page_Standard-Icons_03_Start-Building_SqInk
Start building in the console

Get started building with AWS Nitro Enclaves in the AWS Management Console.

Sign in