Can NitroTPM have an IAM user in the chain of trust on non-enclave vms?

0

Hi,

We would like to use TPM to protect a private key so it is locked to a machine and an IAM user.

Is it possible to have the IAM user in the chain of trust on non-enclave AWS VMs with NitroTPM enabled?

Thanks

Graham
asked a year ago · 219 views
1 Answer
2

AWS Nitro Enclaves with NitroTPM is a technology designed for isolating sensitive data and computation on EC2 instances. NitroTPM provides a root of trust for the Nitro Enclave, giving you a way to verify the enclave's identity and integrity. However, the NitroTPM functionality is not directly tied to IAM users. It does not provide a method to bind an IAM user to a TPM or establish a chain of trust involving an IAM user. The AWS IAM service is designed to handle authentication and authorization for AWS services, while Nitro Enclaves with NitroTPM provide a hardware-based root of trust and isolated compute environment for sensitive data.

EXPERT
answered a year ago
