Can you run multiple programs inside one AWS Nitro Enclave at the same time?

0

The AWS Nitro Enclave Concepts states that "An enclave is a virtual machine with its own kernel, memory, and CPUs" and "An enclave image file (.eif) includes a Linux operating system, libraries, and enclave applications that will be booted into an enclave when it is launched".

So, if the Enclave is in fact a Linux VM, can we run multiple programs inside one Nitro Enclave instance at once (as opposed to creating separate Nitro Enclave instances for each program)? The documentation makes me believe this is possible, but I have not found an example illustrating how this would be done---the closest example creates multiple enclave instances.

And if you can run multiple programs in one Enclave instance, do they have the same safety guarantees that programs would normally have (e.g., memory safety between programs)?

Bear
asked a year ago, 241 views
2 Answers
0

It is possible to run multiple programs in an enclave. But the question to ask is, why would you want to do that if you want isolation between those multiple programs to begin with? Package each program into a separate enclave if you want that isolation between them. Most importantly, run only trusted pieces of software inside the enclave; this is not a sandboxing solution.

Sudhir
answered a year ago
0

To answer your question, yes, it IS possible to run multiple programs inside of a Nitro Enclave. You'll need to provide customization to navigate the VSOCK for networking/storage considerations. Ideally with a DIY approach you'd want to use separate enclaves for each component that you want to isolate - if you're looking to run a full container/application with multiple components, you might want to look into some third-party solutions since DIY for OSS/large apps can be a heavy lift.

answered 16 days ago
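One way to do what both answers describe, as an added example that is not from either answer or from AWS: a single entrypoint process inside the enclave image starts each program with its own vsock port and Unix UID and stops everything when any one of them exits. The program names, paths, UIDs, port numbers and the `VSOCK_PORT` environment variable are assumptions made for illustration; programs started this way still share the enclave's kernel and are separated only by ordinary Linux process and user boundaries.

```python
"""Enclave entrypoint sketch: run several programs in one enclave (added example)."""
import os
import subprocess
import sys
import time

# Constructed table: program names, paths, ports and UIDs are hypothetical.
PROGRAMS = [
    {"name": "signer", "argv": ["/app/signer"], "vsock_port": 5000, "uid": 1001},
    {"name": "verifier", "argv": ["/app/verifier"], "vsock_port": 5001, "uid": 1002},
]


def check_table(programs):
    """Refuse tables where two programs would share a name, vsock port or UID."""
    for key in ("name", "vsock_port", "uid"):
        values = [p[key] for p in programs]
        if len(values) != len(set(values)):
            raise ValueError(f"duplicate {key} in program table")


def supervise(programs, drop_privileges=True, poll=0.05):
    """Start every program; when the first one exits, stop the rest.

    Returns {name: exit_code}. A negative code means killed by that signal.
    """
    check_table(programs)
    children = {}
    try:
        for p in programs:
            # Minimal environment; VSOCK_PORT is this example's own convention
            # for telling a program which vsock port to listen on.
            env = {"PATH": os.environ.get("PATH", "/usr/bin:/bin"),
                   "VSOCK_PORT": str(p["vsock_port"])}
            # user= (Python 3.9+) needs root, which the entrypoint is assumed to be.
            extra = {"user": p["uid"]} if drop_privileges else {}
            children[p["name"]] = subprocess.Popen(p["argv"], env=env, **extra)
        while all(c.poll() is None for c in children.values()):
            time.sleep(poll)
    finally:
        # Fail closed: never keep serving with part of the set missing.
        for c in children.values():
            if c.poll() is None:
                c.terminate()
        codes = {name: c.wait() for name, c in children.items()}
    return codes


if __name__ == "__main__":
    results = supervise(PROGRAMS)
    sys.exit(0 if all(code == 0 for code in results.values()) else 1)
```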
