mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-27 00:19:36 -05:00
8f21972aec
* variant: move into internal/attestation * attesation: move aws attesation into subfolder nitrotpm * config: add aws-sev-snp variant * cli: add tf option to enable AWS SNP For now the implementations in aws/nitrotpm and aws/snp are identical. They both contain the aws/nitrotpm impl. A separate commit will add the actual attestation logic.
24 lines
607 B
Go
24 lines
607 B
Go
/*
|
|
Copyright (c) Edgeless Systems GmbH
|
|
|
|
SPDX-License-Identifier: AGPL-3.0-only
|
|
*/
|
|
|
|
/*
|
|
# Amazon Web Services attestation
|
|
|
|
Constellation supports multiple attestation technologies on AWS.
|
|
|
|
- SEV - Secure Nested Paging (SEV-SNP)
|
|
|
|
TPM attestation verified using an SEV-SNP attestation statement.
|
|
The TPM runs outside the confidential context.
|
|
The initial firmware measurement included in the SNP report can be calculated idependently.
|
|
The source code of the firmware is publicly available.
|
|
|
|
- NitroTPM
|
|
|
|
No confidential computing. Attestation via a TPM 2.0 compliant vTPM.
|
|
*/
|
|
package aws
|