AWS has recently made available Nitro Enclaves, isolated EC2 environments to process confidential data. Based on a lightweight Linux OS, a Nitro Enclave is a hardened, attested and highly constrained virtual machine.
The new service has no persistent storage, no administrator access and creates an additional isolation to further protect highly sensitive data within EC2 instances and reduce the attack surface area for sensitive data processing applications. Jeff Barr, chief evangelist at AWS, describes the main use cases:
AWS customers in industries as diverse as financial services, defense, media & entertainment, and life sciences routinely process highly sensitive data on the AWS Cloud. When they do this, they need to protect against internal and external threats, and they need to deal with complex situations that involve multiple, mutually untrusted partners, vendors, customers, and employees. Today, they use VPCs to create highly isolated environments with controlled, limited connectivity, accessible only to a restricted set of users.
Customers can use the new functionality to partition and protect data out of a larger general purpose operating system environment and into an isolated execution one. AWS is not the only cloud provider offering protected virtual machines: Azure offers hardware-based trusted execution environments (TEE) and Google Cloud has recently announced its Confidential VMs feature.
Richard Fan, cloud engineer at GrowthOps and AWS community builder, wrote an article on how to run a Python application on AWS Nitro Enclaves and summarizes how the new feature works:
AWS Nitro Enclaves is an isolated environment running beside the EC2 instance. It uses the CPU and memory resources from your EC2 instance, but it is isolated from the instance on the hypervisor level so that your instance cannot access the enclave even on the OS-level. The only way you can communicate with the enclave is through the vsock channel.
He created a project on GitHub to demo how to use the Python socket package to establish communication between EC2 instances and Nitro Enclave and use a proxy to make HTTPS calls from inside the enclave.
Vin Armani, chief technology officer at CoinText, suggests a possible adoption of the new functionality in digital currencies:
These new AWS Nitro Enclaves are intriguing. My guess is that these will be highly popular with crypto exchanges. This seems like a perfect tool for servers providing Simple Ledger Postage Protocol and SWaP Protocol services.
With a separate announcement, AWS Certificate Manager has introduced support for host-terminated TLS on EC2 via Nitro Enclaves.This allows the usage of free public and private SSL/TLS certificates with web applications and web servers running on EC2 instances with AWS Nitro Enclaves.
A few limitations apply: ACM for Nitro Enclaves at the moment integrates only with NGINX to install the certificate and replace expiring certificates. Nitro Enclaves are currently supported only on Intel and AMD-based processors and the smallest available instance is the m5a.xlarge. Only a single hardened environment per EC2 instance is supported. There are no additional charges for the new service but the cost of the parent instance.