docs: AWS provides OVMF sources for SEV-SNP instances

Question

docs: AWS provides OVMF sources for SEV-SNP instances

agraf opened this issue a year ago · 3 comments

Issue description

The documentation page https://docs.edgeless.systems/constellation/overview/clouds calls out that in AWS EC2, instance firmware is not reviewable. For SEV-SNP instances, this is incorrect. We publish the sources as well as reproducibly built binaries and programmatic (nix based) build instruction at https://github.com/aws/uefi. Please change the table accordingly :).

As a side comment, you can use this binary in combination with https://github.com/virtee/sev-snp-measure to generate launch digests for SEV-SNP instances.

Answer 1 · 2023-06-29T20:46:47.000Z

Thanks for the hint! We'll update the page.
We're already using sev-snp-measure and have created a Go port of parts of it (https://github.com/edgelesssys/sev-snp-measure-go) to integrate it into Constellation.

Answer 2 · 2023-06-30T12:20:50.000Z

The page should be up-to-date now :)

Answer 3 · 2023-06-30T12:28:44.000Z

Thank you :)