This repository holds the CloudFormation template for the Getting Started with Nitro Enclaves on Microsoft Windows blog.
AWS Nitro Enclaves, introduced in October 2020, are isolated compute environments leveraging the power of the AWS Nitro System to provide isolation and attestation for sensitive data processing. Customers use Nitro Enclaves to isolate their data processing workloads, even from users with root access to the underlying EC2 instance.
The AWS Nitro System itself provides unique security and performance for all latest-generation Amazon EC2 instances, including a verified hardware root of trust provided by the Nitro Controller and the Nitro Security Chip.
AWS Nitro Enclaves reduce the attack surface even further by removing all networking, persistent storage, and interactive access. The Nitro Enclave is completely separated from the host instance: even users with full root access to the host instance have no root access to the enclave. This exclusive capability enables customers to process sensitive data in an isolated compute environment, while still leveraging familiar services such as AWS Identity and Access Management (IAM) and the AWS Key Management Service (KMS).
For more information or for other examples of AWS Nitro Enclaves, please see the official documentation or our overview video on YouTube.
See CONTRIBUTING for more information.
This library is licensed under the MIT-0 License. See the LICENSE file.