microsoft / go-sqlcmd

The new sqlcmd, CLI for SQL Server and Azure SQL (winget install sqlcmd / sqlcmd create mssql / sqlcmd open ads)
https://learn.microsoft.com/sql/tools/sqlcmd/go-sqlcmd-utility
MIT License

Add support for Secure Enclaves #482

Open aaronhigh-loyal opened 7 months ago

aaronhigh-loyal commented 7 months ago

As the title says, Secure Enclaves with Azure Databases appears to be unsupported at this time. It would be a great benefit to support Secure Enclaves for sqlcmd queries for those of us using this feature.

Consider adding command line args for secure enclaves, attestation protocol, and attestation URL in order to support both hardware/SGX Secure Enclaves and VBS Secure Enclaves. Currently when performing an operation that triggers enclave computations, an error is returned (as expected):

The statement triggers enclave computations, but a column encryption key, needed for the computations, has not been found inside the enclave. Check that: (1) column encryption and enclave computations are enabled on connection, (2) driver is enclave-enabled. For additional reasons see: https://go.microsoft.com/fwlink/?linkid=2086681.

shueybubbles commented 7 months ago

thx for opening the issue. AE with enclaves is on my wish list but we currently don't have any time allocated for it. How do folks like yourself script/automate such queries today? Is there any potential benefit to supporting enclaves without attestation as an initial phase? Proper implementation of the attestation protocol will be by far the biggest chunk of work needed in the driver

aaronhigh-loyal commented 7 months ago

> thx for opening the issue. AE with enclaves is on my wish list but we currently don't have any time allocated for it. How do folks like yourself script/automate such queries today? Is there any potential benefit to supporting enclaves without attestation as an initial phase? Proper implementation of the attestation protocol will be by far the biggest chunk of work needed in the driver

Hey @shueybubbles,

We actually aren't automating enclave computation queries today. This came up recently as part of an automated process I'm attempting to implement (it's not necessarily a showstopper, just a "nice to have" for us, I'm automating mostly non-enclave-required scripting). We're in the process of researching a cutover from hardware/SGX enclaves to VBS so I'm hopeful that we can move away from the attestation as part of that process.