Key Management

Leveraging the KMS for TLS Certs

As seen previously, enclaves can use the AWS Key Management Service (KMS) to decrypt ciphertext securely inside the enclave. This integration relies on KMS verifying the enclave's attestation document before releasing the plaintext, and it is particularly useful when you wish to inject your organisation's TLS certificates into the enclave, either for direct use or to act as an intermediate certificate for enhanced privacy.

  1. First, we need to create a role for the enclave's parent EC2 instance which has access to S3 and KMS:

    aws iam create-role \
      --role-name EC2_S3_KMS_Role \
      --assume-role-policy-document '{
        "Version": "2012-10-17",
        "Statement": [{
          "Effect": "Allow",
          "Principal": {
            "Service": "ec2.amazonaws.com"
          },
          "Action": "sts:AssumeRole"
        }]
      }' \
      --description "IAM role for EC2 instances with S3 and KMS access"

    # Attach policies to the role
    aws iam attach-role-policy \
      --role-name EC2_S3_KMS_Role \
      --policy-arn arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess

    aws iam attach-role-policy \
      --role-name EC2_S3_KMS_Role \
      --policy-arn arn:aws:iam::aws:policy/AWSKeyManagementServicePowerUser
  2. We then need to create a KMS key policy which ensures that the key can only be used to decrypt the ciphertext from inside the attested enclave: the `kms:Decrypt` grant is conditioned on the PCR values carried in the enclave's attestation document. The PCR values can be obtained from the PCR server or from AWS Marketplace, along with the hash of the manifest, which is in PCR16. We will add an additional statement which allows the admin to manage the key.

    # cat key_policy.json
    {
      "Version": "2012-10-17",
      "Id": "key-default-1",
      "Statement": [
        {
          "Sid": "Enable decrypt from enclave",
          "Effect": "Allow",
          "Principal": {
            "AWS": "arn:aws:iam::<ACCOUNT_ID>:role/EC2_S3_KMS_Role"
          },
          "Action": "kms:Decrypt",
          "Resource": "*",
          "Condition": {
            "StringEqualsIgnoreCase": {
              "kms:RecipientAttestation:PCR0": "<PCR0>",
              "kms:RecipientAttestation:PCR1": "<PCR1>",
              "kms:RecipientAttestation:PCR2": "<PCR2>",
              "kms:RecipientAttestation:PCR16": "<PCR16>"
            }
          }
        },
        {
          "Sid": "Allow access for Key Administrators",
          "Effect": "Allow",
          "Principal": {
            "AWS": "arn:aws:iam::<ACCOUNT_ID>:user/<ADMIN_ROLE_NAME>"
          },
          "Action": [
            "kms:Create*",
            "kms:Describe*",
            "kms:Enable*",
            "kms:List*",
            "kms:Put*",
            "kms:Update*",
            "kms:Revoke*",
            "kms:Disable*",
            "kms:Get*",
            "kms:Delete*",
            "kms:TagResource",
            "kms:UntagResource",
            "kms:ScheduleKeyDeletion",
            "kms:CancelKeyDeletion"
          ],
          "Resource": "*"
        }
      ]
    }
  3. We can create an AWS KMS key from this policy.

    aws kms create-key --description "Nitro Enclaves Key" \
      --policy file://key_policy.json \
      --query KeyMetadata.Arn --output text
  4. Now, we can use this key to encrypt our CA certificate and store it in S3. More on this here.
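The following is an added Python example, not part of the original page: it generates the key policy from step 2 from a set of PCR digests and then lints any key policy for `kms:Decrypt` grants that are not tied to an attestation condition (the usual mistake when a key is shared between an enclave role and a broad admin statement). The function names, the `ADMIN_ACTIONS` list and the PCR digests used in the test are constructed for illustration; `kms:RecipientAttestation:PCR<n>` are the documented KMS condition keys.

```python
import fnmatch

# Condition keys KMS evaluates against the enclave's signed attestation document.
PCR_CONDITION_KEYS = {
    0: "kms:RecipientAttestation:PCR0",    # enclave image file (EIF) hash
    1: "kms:RecipientAttestation:PCR1",    # kernel and boot ramdisk
    2: "kms:RecipientAttestation:PCR2",    # application ramdisk
    16: "kms:RecipientAttestation:PCR16",  # manifest hash, as described on this page
}
# Same administrative actions as key_policy.json above (hypothetical constant name).
ADMIN_ACTIONS = ["kms:Create*", "kms:Describe*", "kms:Enable*", "kms:List*", "kms:Put*",
                 "kms:Update*", "kms:Revoke*", "kms:Disable*", "kms:Get*", "kms:Delete*",
                 "kms:TagResource", "kms:UntagResource", "kms:ScheduleKeyDeletion",
                 "kms:CancelKeyDeletion"]

def build_key_policy(account_id, enclave_role, admin_arn, pcrs):
    """Key policy dict; pcrs maps PCR index -> hex SHA-384 digest from the EIF build."""
    if not pcrs:
        raise ValueError("at least one PCR value is required to pin the enclave")
    condition = {}
    for idx, digest in pcrs.items():
        if len(digest) != 96 or not set(digest) <= set("0123456789abcdefABCDEF"):
            raise ValueError(f"PCR{idx} must be a 96-character hex SHA-384 digest")
        condition[PCR_CONDITION_KEYS[idx]] = digest.lower()
    return {
        "Version": "2012-10-17",
        "Id": "key-default-1",
        "Statement": [
            {"Sid": "Enable decrypt from enclave", "Effect": "Allow",
             "Principal": {"AWS": f"arn:aws:iam::{account_id}:role/{enclave_role}"},
             "Action": "kms:Decrypt", "Resource": "*",
             # KMS grants Decrypt only if the attestation document's PCRs match.
             "Condition": {"StringEqualsIgnoreCase": condition}},
            {"Sid": "Allow access for Key Administrators", "Effect": "Allow",
             "Principal": {"AWS": admin_arn}, "Action": ADMIN_ACTIONS, "Resource": "*"},
        ],
    }

def unattested_decrypt_sids(policy):
    """Sids of Allow statements granting kms:Decrypt with no attestation condition."""
    flagged = []
    for stmt in policy["Statement"]:
        actions = stmt["Action"] if isinstance(stmt["Action"], list) else [stmt["Action"]]
        grants_decrypt = any(fnmatch.fnmatchcase("kms:Decrypt", a) for a in actions)
        keys = {k for op in stmt.get("Condition", {}).values() for k in op}
        attested = any(k.startswith("kms:RecipientAttestation:") for k in keys)
        if stmt.get("Effect") == "Allow" and grants_decrypt and not attested:
            flagged.append(stmt.get("Sid", "<no Sid>"))
    return flagged
```

Dump the returned dict with `json.dumps` to produce the `key_policy.json` passed to `aws kms create-key`, and run `unattested_decrypt_sids` over any existing key policy fetched with `aws kms get-key-policy` before trusting it to gate certificate release.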