Hi,
I want to create an EC2 instance with NitroTPM 2.0 enabled.
I followed the instructions on this page: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enable-nitrotpm-support-on-ami.html
This is the description of the resulting AMI:
{
"Images": [
{
"Architecture": "x86_64",
"CreationDate": "2022-11-21T20:07:43.000Z",
"ImageId": "ami-05683f60db56ff1b5",
"ImageLocation": "293786889684/DebianImage",
"ImageType": "machine",
"Public": false,
"OwnerId": "293786889684",
"PlatformDetails": "Linux/UNIX",
"UsageOperation": "RunInstances",
"State": "available",
"BlockDeviceMappings": [
{
"DeviceName": "/dev/xvda",
"Ebs": {
"DeleteOnTermination": true,
"SnapshotId": "snap-0c493ccaccd018881",
"VolumeSize": 8,
"VolumeType": "gp2",
"Encrypted": false
}
},
{
"DeviceName": "/dev/xvdf",
"Ebs": {
"DeleteOnTermination": true,
"VolumeSize": 10,
"VolumeType": "gp2",
"Encrypted": false
}
}
],
"EnaSupport": true,
"Hypervisor": "xen",
"Name": "DebianImage",
"RootDeviceName": "/dev/xvda",
"RootDeviceType": "ebs",
"SriovNetSupport": "simple",
"VirtualizationType": "hvm",
"BootMode": "uefi",
"TpmSupport": "v2.0"
}
]
}
So far it looks good, but when I launch an instance from this AMI, I cannot connect to the machine. If I create an instance from the management console without NitroTPM support, I can connect to the machine with my key.
Also, I would like to get some measurements from the TPM, but I don't see any of the measurement hashes in the response.
I appreciate any help you can offer.
Here's my EC2 instance description:
{
"Reservations": [
{
"Groups": [],
"Instances": [
{
"AmiLaunchIndex": 0,
"ImageId": "ami-05683f60db56ff1b5",
"InstanceId": "i-03435c99e5a3a83b5",
"InstanceType": "m6a.xlarge",
"KeyName": "OPTI_PLEX_KEY_PAIR",
"LaunchTime": "2022-11-21T20:53:29.000Z",
"Monitoring": {
"State": "disabled"
},
"Placement": {
"AvailabilityZone": "eu-central-1a",
"GroupName": "",
"Tenancy": "default"
},
"PrivateDnsName": "ip-172-31-16-168.eu-central-1.compute.internal",
"PrivateIpAddress": "172.31.16.168",
"ProductCodes": [],
"PublicDnsName": "ec2-18-159-62-7.eu-central-1.compute.amazonaws.com",
"PublicIpAddress": "18.159.62.7",
"State": {
"Code": 16,
"Name": "running"
},
"StateTransitionReason": "",
"SubnetId": "subnet-12bdf778",
"VpcId": "vpc-d90e6cb3",
"Architecture": "x86_64",
"BlockDeviceMappings": [
{
"DeviceName": "/dev/xvda",
"Ebs": {
"AttachTime": "2022-11-21T20:53:30.000Z",
"DeleteOnTermination": true,
"Status": "attached",
"VolumeId": "vol-05814aff540510c1f"
}
},
{
"DeviceName": "/dev/xvdf",
"Ebs": {
"AttachTime": "2022-11-21T20:53:30.000Z",
"DeleteOnTermination": true,
"Status": "attached",
"VolumeId": "vol-03027ae670649544f"
}
}
],
"ClientToken": "45856522-8833-4e31-985f-f5209b014fa1",
"EbsOptimized": true,
"EnaSupport": true,
"Hypervisor": "xen",
"ElasticGpuAssociations": [],
"ElasticInferenceAcceleratorAssociations": [],
"NetworkInterfaces": [
{
"Association": {
"IpOwnerId": "amazon",
"PublicDnsName": "ec2-18-159-62-7.eu-central-1.compute.amazonaws.com",
"PublicIp": "18.159.62.7"
},
"Attachment": {
"AttachTime": "2022-11-21T20:53:29.000Z",
"AttachmentId": "eni-attach-01e82b7e623e8e9da",
"DeleteOnTermination": true,
"DeviceIndex": 0,
"Status": "attached",
"NetworkCardIndex": 0
},
"Description": "",
"Groups": [
{
"GroupName": "launch-wizard-10",
"GroupId": "sg-05676ad26b7f6ed13"
}
],
"Ipv6Addresses": [],
"MacAddress": "02:b8:28:63:4f:fc",
"NetworkInterfaceId": "eni-095492d80db0313b8",
"OwnerId": "293786889684",
"PrivateDnsName": "ip-172-31-16-168.eu-central-1.compute.internal",
"PrivateIpAddress": "172.31.16.168",
"PrivateIpAddresses": [
{
"Association": {
"IpOwnerId": "amazon",
"PublicDnsName": "ec2-18-159-62-7.eu-central-1.compute.amazonaws.com",
"PublicIp": "18.159.62.7"
},
"Primary": true,
"PrivateDnsName": "ip-172-31-16-168.eu-central-1.compute.internal",
"PrivateIpAddress": "172.31.16.168"
}
],
"SourceDestCheck": true,
"Status": "in-use",
"SubnetId": "subnet-12bdf778",
"VpcId": "vpc-d90e6cb3",
"InterfaceType": "interface",
"Ipv4Prefixes": [],
"Ipv6Prefixes": []
}
],
"RootDeviceName": "/dev/xvda",
"RootDeviceType": "ebs",
"SecurityGroups": [
{
"GroupName": "launch-wizard-10",
"GroupId": "sg-05676ad26b7f6ed13"
}
],
"SourceDestCheck": true,
"Tags": [
{
"Key": "Name",
"Value": "Ubuntu bla"
}
],
"VirtualizationType": "hvm",
"CpuOptions": {
"CoreCount": 2,
"ThreadsPerCore": 2
},
"CapacityReservationSpecification": {
"CapacityReservationPreference": "open"
},
"HibernationOptions": {
"Configured": false
},
"Licenses": [],
"MetadataOptions": {
"State": "applied",
"HttpTokens": "optional",
"HttpPutResponseHopLimit": 1,
"HttpEndpoint": "enabled",
"HttpProtocolIpv6": "disabled",
"InstanceMetadataTags": "enabled"
},
"EnclaveOptions": {
"Enabled": true
},
"BootMode": "uefi",
"PlatformDetails": "Linux/UNIX",
"UsageOperation": "RunInstances",
"UsageOperationUpdateTime": "2022-11-21T20:53:29.000Z",
"PrivateDnsNameOptions": {
"HostnameType": "ip-name",
"EnableResourceNameDnsARecord": true,
"EnableResourceNameDnsAAAARecord": false
},
"TpmSupport": "v2.0",
"MaintenanceOptions": {
"AutoRecovery": "default"
}
}
],
"OwnerId": "293786889684",
"ReservationId": "r-0089af1cf650fc657"
}
]
}