Guidance for Secure Blockchain Key Management with AWS Nitro Enclaves
Overview
How it works
These technical details include an architecture diagram to illustrate how to use this solution effectively. The diagram shows the key components and their interactions, giving a step-by-step overview of the architecture's structure and functionality.
Well-Architected Pillars
The architecture diagram above is an example of a Solution created with Well-Architected best practices in mind. To be fully Well-Architected, you should follow as many Well-Architected best practices as possible.
Operational Excellence
This Guidance provides a basic blueprint to help you implement AWS Nitro Enclave for blockchain key management. Design this into your workloads with AWS CDK, so you can customize and build the procedures needed to support your business objectives.
Security
For secure authentication and authorization, access is granted only to instances running in the same VPC as the AWS Nitro Enclaves. This is ensured by security groups that act as a virtual firewall for your Amazon EC2 instances to control incoming and outgoing traffic.
Separate VPCs are created within two private subnets. Amazon EC2 instances running inside the subnets can only reach the internet through Network Address Translation (NAT) gateways. No inbound access to the Amazon EC2 instances is possible. Administrator access to the Amazon EC2 instances is established through AWS Systems Manager. All traffic to AWS services, such as AWS KMS, is routed through interface VPC endpoints.
Data, particularly sensitive private key material, is encrypted using AWS KMS. The ciphertext is stored in AWS Secrets Manager. Cryptographic attestation is used to ensure that the ciphertext can only be decrypted from inside the AWS Nitro Enclave.
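The attestation check described above is enforced in the AWS KMS key policy: the `kms:Decrypt` grant carries a `kms:RecipientAttestation:ImageSha384` condition, which AWS KMS evaluates against the PCR0 measurement in the attestation document that the enclave attaches to its request. The policy below is an added example and not the Guidance's own CDK output; the account ID, role names and the PCR0 value are placeholders that you replace with your own.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowOperatorsToSealKeyMaterialOnly",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::111122223333:role/KeyProvisioningRole"
      },
      "Action": [
        "kms:Encrypt",
        "kms:GenerateDataKeyWithoutPlaintext",
        "kms:DescribeKey"
      ],
      "Resource": "*"
    },
    {
      "Sid": "AllowDecryptOnlyFromAttestedEnclaveImage",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::111122223333:role/EnclaveParentInstanceRole"
      },
      "Action": "kms:Decrypt",
      "Resource": "*",
      "Condition": {
        "StringEqualsIgnoreCase": {
          "kms:RecipientAttestation:ImageSha384": "<PCR0-OF-YOUR-SIGNED-EIF-PLACEHOLDER>"
        }
      }
    }
  ]
}
```

Because the condition key is only present when the `Decrypt` request includes an enclave attestation document, a call from the parent instance itself, or from an enclave built from a different image, does not match the condition and is denied; rebuilding the enclave image changes PCR0, so the policy must be updated as part of the same release.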
Reliability
By default, an auto scaling group deploys over two different subnets in different Availability Zones. One Amazon EC2 instance deploys in each subnet. A network load balancer (NLB) distributes the requests between both Amazon EC2 instances. The auto scaling group ensures that there are two active instances available at any time.
The enclaves run stateless and all services are loosely coupled. Changes to the resources and configs can be applied and deployed through AWS CDK to minimize human error and help your environment adapt to changes.
Performance Efficiency
The services in this Guidance provide a secure, flexible, and cost-effective alternative to the purpose-built blockchain key management solutions available on AWS right now. It is a blueprint of what an AWS Nitro Enclave blockchain key management solution could look like. You can adapt the critical parts (such as key management and signing) for your specific use.
Cost Optimization
This Guidance avoids services and storage options with high fixed monthly costs. For long-term operation, the Amazon EC2 instances can be covered by an EC2 Instance Savings Plan. By default, the Guidance uses on-demand instances of type m5a.xlarge, the smallest instance type currently supporting AWS Nitro Enclaves.
By using a Network Load Balancer that distributes the load between two Amazon EC2 instances running in separate Availability Zones (AZs), this Guidance scales to continually meet demand, and the additional instances also provide high availability. Because the processes inside the AWS Nitro Enclaves are stateless, Amazon EC2 instances can be added and removed as demand changes.
Sustainability
The auto scaling group in this Guidance ensures a minimum number of instances are running, and new instances are both launched and terminated based on changes to demand.
Related content
AWS Nitro Enclaves for secure blockchain key management: Part 1
This post demonstrates how AWS Nitro Enclaves offers flexible support for low-level blockchain operations such as scaling out key management in a secure fashion.