init
The init command performs a series of operations to configure and secure your environment: it creates the essential Nitride identities and attaches a policy.
Usage
This command typically sets up the plugins at the default path, enables them, and may provision default identities and policies for common platforms (e.g., AWS, Azure, GCP).
vhsm nitride init [option]
Options
-namespacing @policy.json: Enforce a namespace-specific access policy, @policy.json.
Structure of @policy.json:
"name": A string uniquely identifying the policy.
"identities": An object specifying the required identities for this policy.
"provider": The provider identity. For example, azure-sev-snp-vtpm.
"platform": An array of platform identity objects, see platform identity structure.
"firmware": An array of firmware identity objects, see firmware identity structure.
"workload": A workload identity object, see workload identity structure.
"metadata": (Optional) Additional metadata for the policy.
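A pre-flight check of a policy file against the structure listed above, as an added example that is not part of the Nitride documentation or tooling. It assumes "metadata" sits at the top level beside "name" and "identities" and that all four "identities" keys are required; validate_policy and the sample documents are hypothetical, and the inner identity objects are not inspected because their structure is documented separately.

```python
import json

# Types the page gives for each key of "identities" (assumed required, as the
# page calls them "the required identities").
IDENTITY_FIELDS = {
    "provider": (str, "string"),    # e.g. "azure-sev-snp-vtpm"
    "platform": (list, "array"),    # array of platform identity objects
    "firmware": (list, "array"),    # array of firmware identity objects
    "workload": (dict, "object"),   # one workload identity object
}

def validate_policy(text):
    """Return a list of structural problems; empty means the documented shape holds."""
    try:
        policy = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg} at line {exc.lineno}"]
    if not isinstance(policy, dict):
        return ["top level must be a JSON object"]
    errors = []
    name = policy.get("name")
    if not isinstance(name, str) or not name.strip():
        errors.append('"name" must be a non-empty string')
    identities = policy.get("identities")
    if not isinstance(identities, dict):
        return errors + ['"identities" must be an object']
    for key, (kind, label) in IDENTITY_FIELDS.items():
        if key not in identities:
            errors.append(f"identities.{key} is missing")
        elif not isinstance(identities[key], kind):
            errors.append(f"identities.{key} must be a JSON {label}")
        elif kind is list:
            # Every element of platform/firmware must itself be an object.
            for i, item in enumerate(identities[key]):
                if not isinstance(item, dict):
                    errors.append(f"identities.{key}[{i}] must be an object")
    return errors  # "metadata" is optional, so it is not checked

# Constructed samples; the identity objects are left empty because their
# structure is documented separately.
GOOD = '''{"name": "example-policy", "identities": {
  "provider": "azure-sev-snp-vtpm",
  "platform": [{}], "firmware": [{}], "workload": {}}}'''
BAD = '''{"name": "", "identities": {
  "provider": "azure-sev-snp-vtpm",
  "platform": {}, "firmware": ["x"]}}'''

if __name__ == "__main__":
    for label, doc in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, validate_policy(doc) or "ok")
```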
Example
Run the initialization process to set up the plugins with sensible defaults.
vhsm nitride init
Output
Success! Initialized the Nitride attestation plugin at path "ratls/".
Default platform identities and policies have been created.
The default mount path for the Nitride plugin is ratls/. All commands implicitly operate under this path.