Open 1awrenceYang opened 1 year ago
Is this still not supported? If not, is it on the roadmap? It would be nice to have an issue to track for this.
+1
+1
This should be set as a top priority for AWS cloud now, in light of AI technologies evolving and the appearance of the first GPU TEE discrete adapters (Hopper H100 and Blackwell H200 architectures from NVIDIA) for CC (confidential computing mode) on GPU, and 'cause P5 and P5e EC2 instances with H100 are already available in AWS cloud.
But it looks like Nitro still does not support GPU TEE for AWS cloud and does not support enabling discrete adapters on a PCI bus, although the NSM module itself is a virtual (virtio-based) PCI device to interact with the Nitro hypervisor (hope its code will be published as well, as it is based on KVM - this will improve the chain of trust and will give improved attestation for all components of the Nitro platform).
There are other options available - the KVM/QEMU VMs with support for AMD SEV-SNP or Intel TDX, VM-based CPU TEE, and NVIDIA's Hopper/Blackwell MIG TEE enabled with NVtrust. But AWS cloud and Nitro still have great usability to run confidential computing resources.
Guys and gals, you definitely should take this into closer consideration and implement it ASAP in the near future.
Cc @meerd @andraprs @eugkoira @axlprv @agraf @jdbean
Hi, I've been studying using AWS for a while and I'm particularly interested in the Enclaves feature of the Nitro system. However, I haven't found a way to attach a GPU to an Enclave under a parent instance. Is it possible to attach a vGPU to an Enclave?