join-service: add AWS attestation

2024-10-01 01:36:09 -04:00 · 2022-10-30 03:36:58 +01:00 · 2022-10-30 03:36:58 +01:00 · 3aa0177333
commit 3aa0177333
parent b69d19c3d6
2 changed files with 11 additions and 0 deletions
--- a/internal/watcher/validator.go
+++ b/internal/watcher/validator.go
@ -15,6 +15,7 @@ import (
 	"sync"

 	"github.com/edgelesssys/constellation/v2/internal/atls"
+	"github.com/edgelesssys/constellation/v2/internal/attestation/aws"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/azure/snp"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/azure/trustedlaunch"
 	"github.com/edgelesssys/constellation/v2/internal/attestation/gcp"
@ -40,6 +41,10 @@ type Updatable struct {
 func NewValidator(log *logger.Logger, csp string, fileHandler file.Handler, azureCVM bool) (*Updatable, error) {
 	var newValidator newValidatorFunc
 	switch cloudprovider.FromString(csp) {
+	case cloudprovider.AWS:
+		newValidator = func(m map[uint32][]byte, e []uint32, _ []byte, _ bool, log *logger.Logger) atls.Validator {
+			return aws.NewValidator(m, e, log)
+		}
 	case cloudprovider.Azure:
 		if azureCVM {
 			newValidator = func(m map[uint32][]byte, e []uint32, idkeydigest []byte, enforceIdKeyDigest bool, log *logger.Logger) atls.Validator {
--- a/joinservice/cmd/main.go
+++ b/joinservice/cmd/main.go
@ -16,6 +16,7 @@ import (
 	"time"

 	"github.com/edgelesssys/constellation/v2/internal/atls"
+	awscloud "github.com/edgelesssys/constellation/v2/internal/cloud/aws"
 	azurecloud "github.com/edgelesssys/constellation/v2/internal/cloud/azure"
 	"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
 	gcpcloud "github.com/edgelesssys/constellation/v2/internal/cloud/gcp"
@ -118,6 +119,11 @@ func getVPCIP(ctx context.Context, provider string) (string, error) {
 	var err error

 	switch cloudprovider.FromString(provider) {
+	case cloudprovider.AWS:
+		metadata, err = awscloud.New(ctx)
+		if err != nil {
+			return "", err
+		}
 	case cloudprovider.Azure:
 		metadata, err = azurecloud.NewMetadata(ctx)
 		if err != nil {