This package helps with building networked Go applications on top of AWS Nitro Enclaves. The package provides the following features:
- Initialize the enclave's entropy pool.
- Obtain an HTTPS certificate for clients to connect to the enclave; either self-signed, or via Let's Encrypt.
- Expose an endpoint for remote attestation.
- Start a proxy that transparently translates between IP and VSOCK.

Use the following code to get started:
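```go
// Requires the imports "log" and "net/http", plus this package imported as nitro.
// helloWorldHandler is the application's own handler constructor, defined elsewhere.
func main() {
	enclave := nitro.NewEnclave(
		&nitro.Config{
			SOCKSProxy: "socks5://127.0.0.1:1080",
			FQDN:       "example.com",
			Port:       80,
			Debug:      true,
			UseACME:    false, // false: self-signed certificate; true: Let's Encrypt
		},
	)
	// Register application routes before starting the enclave.
	enclave.AddRoute(http.MethodGet, "/helloworld", helloWorldHandler())
	// Start the enclave; a returned error is treated as fatal.
	if err := enclave.Start(); err != nil {
		log.Fatalf("Enclave terminated: %v", err)
	}
}
```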
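
With `UseACME: false` the enclave serves a self-signed certificate, so a client cannot rely on ordinary CA validation. The following is an added example, not code from this package, of a Go client that pins a self-signed certificate by its SHA-256 fingerprint. `pinnedClient` and `demo` are hypothetical names, the server is a local `httptest` stand-in for the enclave, and how the client learns the expected fingerprint through a trusted channel is assumed rather than shown.

```go
package main

import (
	"crypto/sha256"
	"crypto/tls"
	"crypto/x509"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// pinnedClient (hypothetical helper) returns an HTTP client that accepts exactly
// one leaf certificate, identified by the SHA-256 digest of its DER encoding.
func pinnedClient(pin [sha256.Size]byte) *http.Client {
	cfg := &tls.Config{
		// Chain validation cannot succeed for a self-signed certificate, so it
		// is replaced (not merely disabled) by the fingerprint check below.
		InsecureSkipVerify: true,
		VerifyPeerCertificate: func(rawCerts [][]byte, _ [][]*x509.Certificate) error {
			if len(rawCerts) == 0 || sha256.Sum256(rawCerts[0]) != pin {
				return errors.New("certificate does not match pinned fingerprint")
			}
			return nil
		},
	}
	return &http.Client{Transport: &http.Transport{TLSClientConfig: cfg, DisableKeepAlives: true}}
}

// demo connects to a local self-signed TLS server with the right and a wrong pin.
func demo() (errGood, errBad error) {
	srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		fmt.Fprintln(w, "hello world")
	}))
	defer srv.Close()
	good := sha256.Sum256(srv.Certificate().Raw)
	bad := good
	bad[0] ^= 0xff // constructed wrong fingerprint
	get := func(pin [sha256.Size]byte) error {
		resp, err := pinnedClient(pin).Get(srv.URL)
		if err == nil {
			resp.Body.Close()
		}
		return err
	}
	return get(good), get(bad)
}

func main() { fmt.Println(demo()) }
```

Each call builds a fresh client, so every connection performs a full handshake and runs the fingerprint check.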