Disclosure: I work at AWS, and I played a part in the design of this feature. But sadly not any coding for this one.

Since this is HN, I thought additional links to the open-source licensed software that we released today might be helpful. A lot of it is written in Rust.

Nitro Enclaves CLI - https://github.com/aws/aws-nitro-enclaves-cli

Application that uses ACM managed certificates to do TLS termination inside a Nitro Enclave - https://github.com/aws/aws-nitro-enclaves-acm

A library for interacting with the TPM-like device called the Nitro Security Module (used to measure code for attestation purposes) - https://github.com/aws/aws-nitro-enclaves-nsm-api

Some sample C code for use with Nitro Enclaves - https://github.com/aws/aws-nitro-enclaves-sdk-c

And a sample application showing how to use vsock to communicate - https://github.com/aws/aws-nitro-enclaves-samples

This is really cool. A secure enclave that's just a normal VM, with attestation capabilities, is a pretty big deal.

I'm especially excited about the new ability to use ACM certificates on EC2 hosts (instead of just a load balancer)[0].

[0]: https://aws.amazon.com/about-aws/whats-new/2020/10/announcing-aws-certificate-manager-for-nitro-enclaves/