
Design 43: Confidential Computing

Summary

This design implements Confidential Computing (SGX/SEV-SNP) to protect data *in use*.

Topology: Confidential VMs run in a Spoke VNet. Guest memory is encrypted with a key generated and held inside the CPU, so the hypervisor, the host OS and Azure operators (Microsoft) only ever see ciphertext.

1. Key Design Decisions (ADR)

ADR-01: Hardware

  • Decision: DCsv3-series (Intel SGX application enclaves) or DCasv5/ECasv5-series (AMD SEV-SNP, whole-VM memory encryption).
  • Rationale: Hardware-based memory encryption. The keys never leave the processor, so protection does not depend on trusting the hypervisor. SGX protects a region inside one process and requires the application to be partitioned; SEV-SNP protects the entire VM transparently and adds integrity protection of guest memory.

ADR-02: Attestation

  • Decision: Microsoft Azure Attestation (MAA).
  • Rationale: Cryptographically verifies that the hardware is genuine (signature chain back to the CPU vendor) and that the launched firmware and code match an expected measurement, before any secret is released to the VM.

2. High-Level Design (HLD)

+--------------+           +--------------------------+           +--------------+
|  Client      |           |        HUB VNet          |           |  SPOKE VNet  |
|  (Remote)    |           |      (Key Vault)         |           |  (Enclave)   |
+------+-------+           +------------+-------------+           +------+-------+
       |                                |                                |
       v                                | (Peering)                      |
+------+-------+                        v                                v
|  Attestation |           +------------+-------------+           +------+-------+
|  Service     |---------->| Managed HSM              |<--------->|  Confidential|
|  (Verify)    |           | (Keys)                   |           |  VM          |
+--------------+           +--------------------------+           +------+-------+

3. Low-Level Design (LLD)

                               PRIMARY REGION (East US)
+-----------------------------------------------------------------------+
| HUB VNet: vnet-hub (10.0.0.0/16)                                      |
|   +-----------------------+                                           |
|   | Azure Managed HSM     |                                           |
|   +-----------|-----------+                                           |
|               |                                                       |
|               v (Peering)                                             |
+---------------|-------------------------------------------------------+
                |
+---------------|-------------------------------------------------------+
| SPOKE VNet: vnet-confidential (10.1.0.0/16)                           |
|   +-----------------------+                                           |
|   | Subnet: Secure        |                                           |
|   | [DCsv3 VM]            |                                           |
|   |  (Memory Encrypted)   |                                           |
|   +-----------------------+                                           |
+-----------------------------------------------------------------------+

                               SECONDARY REGION (West US)
+-----------------------------------------------------------------------+
| DR SPOKE VNet                                                         |
|   +-----------------------+                                           |
|   | Confidential VM (DR)  |                                           |
|   +-----------------------+                                           |
+-----------------------------------------------------------------------+

4. Component Rationale

  • Enclave: A region of memory the CPU encrypts and isolates from everything outside it. With SGX it is part of one process and the application must be written to use it; with SEV-SNP the whole VM is the protected region, keyed per VM by the AMD Secure Processor.
  • Managed HSM: Stores the keys used to decrypt data. A key release policy (Secure Key Release) makes it hand a key out only to a caller presenting a valid attestation token whose claims match the policy; a VM that fails attestation never sees the key.

5. Strategy: High Availability (HA)

  • N/A: Standard VM HA applies (availability sets or zones). Confidential sizes are not offered in every zone of a region, so confirm zone support before pinning a zone.

6. Strategy: Disaster Recovery (DR)

  • Implementation: Active-Passive.
  • Process: Replicate the VM to West US. Note: the DR target must also be a confidential size of the same TEE type (SEV-SNP to SEV-SNP, SGX to SGX), and if the key release policy names a regional attestation provider, add the secondary region's provider so the failed-over VM can still unlock its key.

7. Strategy: Backup

  • Data: Backups of the encrypted disks. The disk encryption key stays in Managed HSM under the same release policy, so a restored disk is only usable on a confidential VM that passes attestation; a restore to a standard size will not boot.

8. Strategy: Security

  • Root of Trust: Hardware (CPU). Memory encryption keys are generated and held inside the processor; firmware and initial guest state are measured at launch and the measurement is signed under the CPU vendor's key chain.
  • Threat Model: Protects against a malicious or compromised cloud operator, a compromised hypervisor or host OS, other tenants on the same host, and physical attacks on DRAM (bus snooping, cold boot). It does not protect against vulnerabilities in the guest or enclave code itself, against side-channel leakage, or against denial of service by the host.

9. Well-Architected Framework Analysis

  • Reliability: High. Same VM availability model as standard sizes, but capacity is limited to regions and zones with confidential hardware.
  • Security: High. Data in use is isolated from the platform operator; residual risk is side channels and flaws in the code running inside the TEE.
  • Cost Optimization: Medium. Specialized hardware costs more and offers fewer sizes.
  • Operational Excellence: Medium. SEV-SNP is transparent to the application, but SGX requires splitting the app into enclave and host parts (e.g. with the Open Enclave SDK).
  • Performance Efficiency: High for SEV-SNP (small memory-encryption overhead); SGX pays for enclave transitions and is bounded by the enclave page cache size.

10. Detailed Traffic Flow

1. Boot: The confidential VM boots; the CPU (the AMD Secure Processor for SEV-SNP) measures the firmware and initial guest state as it is loaded.

2. Quote: The VM asks the hardware for an attestation report ("quote"): the launch measurement plus a caller-supplied nonce, signed with a key only the CPU holds.

3. Verify: The VM sends the quote to Microsoft Azure Attestation (MAA).

4. Token: MAA checks the signature chain back to the CPU vendor, the nonce and the measurement, and issues a signed token whose claims state the TEE type and whether the VM is compliant.

5. Unlock: The VM presents the token to Managed HSM (the Key Vault release endpoint).

6. Key: Managed HSM verifies the token signature and evaluates the key's release policy over the token claims; only if every required claim matches does it release the disk encryption key, wrapped so that only the attested VM can unwrap it.

7. Run: The app runs in encrypted memory; the hypervisor and host administrators see only ciphertext.
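
The seven steps above as one runnable model. This is an added example, not Azure's code: HMAC with constructed keys stands in for the CPU's ECDSA-signed SNP report and for MAA's RS256-signed JWT so the block runs offline, and the attestation endpoint name, golden measurement and disk key are constructed. The release-policy shape (version / anyOf / allOf / claim / equals / authority) follows Key Vault's Secure Key Release format, and the claim names are the ones used in Azure's confidential-VM release-policy sample; treat them as assumptions as far as this page goes.

```python
"""Attest-then-release flow from section 10, modelled end to end.

Added example, not Azure's code. HMAC with constructed keys replaces the CPU's
ECDSA-signed SNP report and MAA's RS256 JWT so the flow runs offline; the
release-policy evaluation follows Key Vault's Secure Key Release semantics.
"""
import base64
import hashlib
import hmac
import json
import secrets
from typing import Optional

# Constructed stand-ins for hardware and service secrets.
HW_REPORT_KEY = b"constructed: stands in for the AMD VCEK"
MAA_TOKEN_KEY = b"constructed: stands in for MAA's token signing key"
ATTESTATION_AUTHORITY = "https://sharedeus.eus.attest.azure.net"  # assumed MAA endpoint
GOLDEN_MEASUREMENT = hashlib.sha384(b"approved firmware + kernel image").hexdigest()
TAMPERED_MEASUREMENT = hashlib.sha384(b"backdoored kernel image").hexdigest()
DISK_ENCRYPTION_KEY = b"constructed 32-byte disk encryption key!"  # the guarded secret

# SKR-style release policy: release only to an SNP CVM that MAA judged compliant,
# and only if the token was issued by the expected attestation authority.
RELEASE_POLICY = {
    "version": "1.0.0",
    "anyOf": [{
        "authority": ATTESTATION_AUTHORITY,
        "allOf": [
            {"claim": "x-ms-attestation-type", "equals": "sevsnpvm"},
            {"claim": "x-ms-compliance-status", "equals": "azure-compliant-cvm"},
        ],
    }],
}


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _canonical(obj) -> bytes:
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def _mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def generate_quote(measurement: str, nonce: str) -> dict:
    """Step 2: the guest asks the CPU for a report over its launch measurement.
    The nonce binds the report to one attestation request (anti-replay)."""
    report = {"measurement": measurement, "nonce": nonce, "vmpl": 0}
    return {"report": report, "sig": _mac(HW_REPORT_KEY, _canonical(report))}


def attest(quote: dict, expected_nonce: str) -> Optional[str]:
    """Steps 3-4: verify the hardware signature and nonce, judge the measurement,
    and issue a JWT-shaped token (header.payload.signature), or None."""
    if not hmac.compare_digest(_mac(HW_REPORT_KEY, _canonical(quote["report"])), quote["sig"]):
        return None                                   # not signed by genuine hardware
    if quote["report"]["nonce"] != expected_nonce:
        return None                                   # stale or replayed report
    compliant = hmac.compare_digest(quote["report"]["measurement"], GOLDEN_MEASUREMENT)
    claims = {
        "iss": ATTESTATION_AUTHORITY,
        "x-ms-attestation-type": "sevsnpvm",
        "x-ms-compliance-status": "azure-compliant-cvm" if compliant else "azure-noncompliant-cvm",
        "x-ms-sevsnpvm-launchmeasurement": quote["report"]["measurement"],
    }
    header = _b64url(_canonical({"alg": "HS256", "typ": "JWT"}))
    payload = _b64url(_canonical(claims))
    signing_input = f"{header}.{payload}".encode()
    return f"{header}.{payload}." + _b64url(_mac(MAA_TOKEN_KEY, signing_input))


def verify_token(token: str) -> Optional[dict]:
    """The key store checks the token signature before trusting any claim."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    header, payload, sig = parts
    if not hmac.compare_digest(_b64url(_mac(MAA_TOKEN_KEY, f"{header}.{payload}".encode())), sig):
        return None
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))


def policy_allows(policy: dict, claims: dict) -> bool:
    """SKR semantics: some anyOf branch must match; inside it the token issuer
    must equal the branch authority and every allOf claim must equal its value."""
    for branch in policy["anyOf"]:
        if claims.get("iss", "").rstrip("/") != branch["authority"].rstrip("/"):
            continue
        if all(claims.get(c["claim"]) == c["equals"] for c in branch["allOf"]):
            return True
    return False


def release_key(token: str) -> Optional[bytes]:
    """Steps 5-6: Managed HSM releases the disk key only for a valid token whose
    claims satisfy the release policy (the real service also wraps the key)."""
    claims = verify_token(token)
    if claims is None or not policy_allows(RELEASE_POLICY, claims):
        return None
    return DISK_ENCRYPTION_KEY


def run_flow(measurement: str) -> Optional[bytes]:
    """Steps 1-6 in order for a VM with the given launch measurement."""
    nonce = secrets.token_hex(16)
    token = attest(generate_quote(measurement, nonce), nonce)
    return None if token is None else release_key(token)


if __name__ == "__main__":
    print("golden image released key  :", run_flow(GOLDEN_MEASUREMENT) is not None)
    print("tampered image released key:", run_flow(TAMPERED_MEASUREMENT) is not None)
```

Two details matter in practice: MAA still issues a token for a non-compliant VM (with a non-compliant status claim), so the gate is the release policy, not the mere existence of a token; and the policy binds to the issuing authority, which is why the DR section requires adding the secondary region's provider.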

11. Runbook: Deployment Guide (Azure Portal)

Phase 1: Create Spoke VNet

1. Search: "Virtual networks" -> + Create.

2. Resource Group: rg-confidential.

3. Name: vnet-confidential.

4. Region: East US (ensure the region offers the confidential size you intend to use, e.g. DCsv3 or DCasv5/ECasv5).

5. Create.

6. Peer to vnet-hub.

Phase 2: Deploy Confidential VM

1. Search: "Virtual machines" -> + Create.

2. Resource Group: rg-confidential.

3. Name: vm-confidential-01.

4. Region: East US.

5. Image: Ubuntu 20.04 LTS Gen 2. For an AMD SEV-SNP VM pick the Confidential VM variant of the image; Gen 2 is required in both cases.

6. Size:

* Click See all sizes.

* Filter by Family: Confidential compute.

* Select Standard_DC2s_v3 (Intel SGX) or Standard_EC2as_v5 (AMD SEV-SNP; Standard_DC2as_v5 is the general-purpose AMD equivalent).

7. Security type: Confidential virtual machines. (This option is only offered for the AMD SEV-SNP sizes. A DCsv3 SGX VM is deployed as a standard VM; its protection comes from enclaves created by the application, not from the VM security type.)

8. Confidential computing encryption:

* Select Disk with a platform-managed key (Default). The OS disk is encrypted with a key bound to the VM's attested guest state, so the disk cannot be read outside this VM.

* *Optionally select "Disk with a customer-managed key" if you have a Managed HSM (or Key Vault Premium). This requires a Disk Encryption Set backed by an exportable key whose release policy points at MAA; that policy is what ties disk decryption to attestation (section 10).*

9. Networking: vnet-confidential.

10. Create.

Phase 3: Verify Encryption (AMD SEV-SNP)

1. Login to the VM (SSH).

2. Check Kernel: sudo dmesg | grep -i "memory encryption".

3. Output: You should see a line like AMD Memory Encryption Features active: SEV SEV-ES SEV-SNP (newer kernels print Memory Encryption Features active: AMD SEV SEV-ES SEV-SNP). SEV-SNP must be listed: SEV or SEV-ES alone means encrypted memory without integrity protection and without an attestation report.

4. Check Attestation:

* Confirm the guest attestation interfaces exist: ls -l /dev/sev-guest /dev/tpm0 (the sev-guest driver serves the SNP report, the vTPM holds the runtime measurements). Then request a report with a guest attestation client (Microsoft's guest attestation library sample, or AMD's snpguest) and have it verified by MAA; a VM that cannot produce a report is not a confidential VM regardless of the dmesg banner.
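
The checks in Phase 3 as a script, so the result is a pass/fail with reasons rather than eyeballing dmesg. This is an added example, not an Azure tool; the dmesg lines in SAMPLES are constructed, and the only live dependencies are the dmesg command and the two device nodes named in step 4. It encodes the caveat from step 3: an SEV or SEV-ES banner without SEV-SNP is not a confidential VM in the sense this design needs.

```python
"""Guest self-check for Phase 3 (added example; sample dmesg lines are constructed)."""
import os
import re
import subprocess

# Both the older "AMD Memory Encryption Features active: SEV ..." form and the
# newer "Memory Encryption Features active: AMD SEV ..." form match this.
BANNER = re.compile(r"Memory Encryption Features active:\s*(.+)$")
REQUIRED_DEVICES = ("/dev/sev-guest", "/dev/tpm0")  # SNP report interface, vTPM


def active_features(dmesg_text: str) -> set:
    """Return the feature tokens (SEV, SEV-ES, SEV-SNP) the kernel reports."""
    feats = set()
    for line in dmesg_text.splitlines():
        m = BANNER.search(line)
        if m:
            feats.update(tok for tok in m.group(1).split() if tok != "AMD")
    return feats


def assess(dmesg_text: str, present_devices) -> dict:
    """Decide whether this guest is an SEV-SNP CVM that can attest itself."""
    feats = active_features(dmesg_text)
    problems = []
    if "SEV-SNP" not in feats:
        if feats:
            problems.append("only %s active: memory is encrypted but without SNP there is no "
                            "integrity protection and no attestation report" % "/".join(sorted(feats)))
        else:
            problems.append("kernel reports no AMD memory encryption: not a confidential VM")
    for dev in REQUIRED_DEVICES:
        if dev not in present_devices:
            problems.append(f"{dev} missing: attestation cannot be requested from the guest")
    return {"features": sorted(feats), "ok": not problems, "problems": problems}


# Constructed kernel-log excerpts for the three cases a practitioner will meet.
SAMPLES = {
    "snp_cvm": "[    0.000000] Memory Encryption Features active: AMD SEV SEV-ES SEV-SNP\n",
    "sev_only": "[    0.000000] AMD Memory Encryption Features active: SEV\n",
    "plain_vm": "[    0.000000] Booting paravirtualized kernel on Hyper-V\n",
}


def assess_live() -> dict:
    """Run the same check against the real host (needs permission to read dmesg)."""
    try:
        text = subprocess.run(["dmesg"], capture_output=True, text=True, check=False).stdout
    except OSError:
        text = ""
    return assess(text, [d for d in REQUIRED_DEVICES if os.path.exists(d)])


if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, assess(text, list(REQUIRED_DEVICES) if name == "snp_cvm" else []))
    print("this host", assess_live())
```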

Phase 4: Verify Enclave (Intel SGX)

1. If you chose DC-series (Intel):

2. Install OE SDK: sudo apt-get install open-enclave (after adding the Intel SGX and Microsoft package repositories as described in the Open Enclave SDK install guide).

3. Run Sample: Build and run the helloworld sample from the SDK's samples directory.

4. It prints "Hello world from the Enclave".

* *This shows the enclave was created and executed on this host, i.e. the SGX driver, platform software and SDK work. It does not by itself prove anything to a remote party; for that, run the SDK's attestation sample (or your app's own remote attestation) so the enclave quote is verified by MAA before secrets are released, as in section 10.*