Sold by: Edgeless SystemsÂ
Deployed on AWS
Contrast enables confidential Kubernetes deployments by running workloads inside hardware-encrypted confidential micro-VMs using AMD SEV-SNP and Intel TDX. It keeps your data always encrypted, at rest, in transit, and in use, removing cloud infrastructure, cluster administrators, and datacenter employees from your trusted computing base. Easily integrate Contrast into your existing Kubernetes workflows with a lift-and-shift approach for unmodified containers, ensuring runtime encryption, workload attestation, and verifiable security for compliance-sensitive and multi-party computing scenarios.
Overview
Contrast is a confidential computing solution that enables organizations to run Kubernetes workloads with hardware-based security, ensuring data remains encrypted at all times, at rest, in transit, and in use. Built on Kata Containers and leveraging AMD SEV-SNP and Intel TDX confidential computing technologies, Contrast executes your pods inside confidential micro-VMs that provide strong isolation from the underlying infrastructure. This revolutionary approach removes cloud providers, datacenter employees, privileged administrators, and malicious co-tenants from your trusted computing base (TCB), protecting your most sensitive workloads from infrastructure-level threats while maintaining full compatibility with your existing containers through a seamless lift-and-shift approach.
Contrast delivers comprehensive security features including runtime memory encryption for all pods, automated PKI and mTLS for encrypted pod-to-pod communication with workload certificates, and support for encrypted integrity-protected state disks. The platform provides verifiable security through workload attestation at the Kubernetes pod level (including container images), transitive attestation across multi-pod deployments, and third-party audit capabilities. Runtime policies enforce strict isolation between containers, pods, and the Kubernetes control plane, ensuring zero-trust security throughout your deployment.
Designed for enterprise adoption, Contrast integrates seamlessly into existing Kubernetes workflows as a day-2 operation on managed Kubernetes services or bare-metal clusters. Common use cases include securing sensitive workloads during cloud migration, protecting intellectual property and customer data in SaaS offerings, enabling multi-party computation for secure data collaboration, meeting stringent regulatory compliance requirements, and shielding applications from internal threats including your own cluster administrators. With minimal changes to your deployment processes, Contrast provides enterprise-grade confidential computing capabilities that transform how you protect cloud-native applications.
Highlights
- Always-Encrypted Confidential Computing: Protect data at rest, in transit, and in use with hardware-based memory encryption using AMD SEV-SNP and Intel TDX, removing cloud infrastructure and administrators from your trusted computing base.
- Verifiable Security with Workload Attestation: Ensure compliance and build trust with cryptographic attestation of your Kubernetes pods, including container images, enabling third-party audits and transitive verification across multi-pod deployments.
- Seamless Kubernetes Integration: Deploy confidential containers with minimal workflow changes using a lift-and-shift approach for existing unmodified containers, with automated mTLS, runtime policies, and encrypted pod-to-pod communication.
Details
Sold by
Categories
Delivery method
Supported services
Delivery option
Contrast CLI
Latest version
Operating system
Linux
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Core Block (100 Cores) | Represents a block of 100 CPU cores/vCPUs in the Kubernetes cluster running Contrast workloads. Each unit corresponds to 100 physical or virtual cores on nodes where Contrast confidential containers are deployed. Count all cores on eligible nodes, regardless of whether workloads are actively running. | $75,000.00 |
Vendor refund policy
All fees are non-refundable.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Contrast CLI
Supported services: Learn moreÂ
- Amazon EKS
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
Additional details
Usage instructions
-
Provision Kubernetes Cluster: Set up an EKS cluster with bare metal EC2 nodes that meet the hardware requirements for confidential computing (AMD SEV-SNP): https://github.com/aws-samples/howto-runtime-attestation-on-aws?tab=readme-ov-file#statusÂ
-
Install Contrast CLI: Download and install the Contrast CLI from the official documentation: Contrast CLI Installation Guide: https://docs.edgeless.systems/contrast/howto/install-cliÂ
-
Deploy Contrast to Your Cluster: Use the Contrast CLI to deploy the Contrast runtime to your Kubernetes cluster. Follow the step-by-step instructions in the Getting Started Guide: https://docs.edgeless.systems/contrast/getting-started/overviewÂ
-
Configure Confidential Workloads: Annotate your Kubernetes pods or deployments to run as confidential containers. Refer to the How-to Guides for configuration examples and best practices: https://docs.edgeless.systems/contrast/getting-started/deploymentÂ
-
Monitor and Manage: Use the CLI and Kubernetes tools to monitor, update, and manage your confidential workloads. For troubleshooting and advanced configuration, see the Troubleshooting (https://docs.edgeless.systems/contrast/howto/troubleshooting/ ) and Architecture (https://docs.edgeless.systems/contrast/architecture/overview ) sections.
Resources
Vendor resources
Support
Vendor support
Contrast's marketplace support plan primarily provides email support, with a guaranteed response time of 48 hours during business hours. This plan is part of our Edgeless support subscription, which ensures your team has access to necessary assistance within these constraints. For those seeking more comprehensive support solutions, Edgeless Systems also offers premium options. These include 24/7 access to our support engineers for high-severity issues, among other benefits. For detailed information about the full range of Contrast's support options, please reach out to our sales team directly.
Support email: support@edgeless.systemsÂ
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
![Contrast Security [Private Offer Only]](https://d7umqicpi7263.cloudfront.net/img/product/9625d860-b1ea-44e8-947c-ad4b9acc96e2.png)
Contrast secures your entire application portfolio with industry leading speed and accuracy, while empowering teams to automatically find and fix vulnerabilities across every step of the software developer lifecycle.
Contrast secures your entire application portfolio with industry leading speed and accuracy, while empowering teams to automatically find and fix vulnerabilities across every step of the software developer lifecycle.
Protect applications and APIs from exploits and zero days. Gain instant visibility and actionable alerts, empowering the SOC to respond to application and API attacks and reduce risk.
Computer vision based solution to correct contrast/ brightness in scanned documents to improve performance of document processing pipelines.
The official foundation model for image generation from Stability. Deploy this optimized instance and serve generative AI within minutes.
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.