# Hello "attestation" world

**Local attestation** is when a workload inside an enclave (here, the confidential VM) retrieves its own attestation report directly from the hardware; that is what this guide walks through. **Remote attestation** is when you direct Nitride to manage the entire attestation and verification process on the workload's behalf.

## Prerequisites

* Log in to the VM as the root user.
* Install the [vHSM CLI](/nitride/documentation/setup/install-nitride.md#installing-the-vhsm-cli).
* Log in to the vHSM instance with the [root token](/nitride/documentation/setup/install-nitride.md#installing-vhsm) or another authentication credential.

## Step-by-step Guide

### Creating an attestation report

Run the following command inside the enclave VM:

```bash
vhsm nitride attestation -provider=<provider> generate dump
```

where `<provider>` selects the structure of the attestation report; the output below was produced with `aws-sev-snp-raw`. For details, see the [attestation](/nitride/documentation/concepts/attestation.md) concept.

**Example output:**

```json5
{"Version":1,
 "Provider":"aws-sev-snp-raw",
 "Attestation":
 {"Version":1,
  "Product":"Milan",
  "Report":"BAAAAAAAAAAAAAMAAA...",
  "Vlek":"MIIFIzCCAtegAwIBAgIB...",
  "Data":"eyJOb25jZSI6ImR1bXAiLCJEYXRhIjpudWxsfQ=="
}}
```

The report is signed with a Versioned Loaded Endorsement Key (VLEK): an attestation key that AMD derives for a specific cloud provider and that the provider, here AWS, loads into the Platform Security Processor of its hosts, in place of the chip-unique VCEK.

#### Understanding the AWS SEV-SNP Attestation Document

This section explains the structure of an attestation report from an AWS instance using AMD SEV-SNP (Secure Encrypted Virtualization - Secure Nested Paging). A verifier uses this JSON to establish the identity and launch integrity of the confidential virtual machine and to tie the report to its own request.

#### Key Components

The JSON response has three top-level keys. Note that the user data and the VLEK certificate are nested inside `Attestation`, not at the top level.

* `Version`: `1`
  * The version of the overall Nitride attestation format.
* `Provider`: `aws-sev-snp-raw`
  * Identifies the provider as **AWS** and the technology as **SEV-SNP**. The `raw` suffix means the response carries the complete, unmodified AMD hardware report together with the VLEK certificate, rather than a digested or translated form.
* `Attestation`
  * The evidence generated by the AMD processor, plus the certificate and user data needed to verify it. For more information, see [Attestation object](#attestation-object).

#### Attestation object

This object bundles the report signed by the AMD CPU's Secure Processor with what a verifier needs to check it.

* `Version`: `1`
  * The version of Nitride's attestation object. The hardware report embedded in `Report` carries its own `VERSION` field.
* `Product`: `Milan`
  * The AMD EPYC processor generation (3rd Gen "Milan"). It also selects which AMD certificate chain the VLEK must validate against.
* `Report` (Base64 Encoded)
  * The raw SEV-SNP `ATTESTATION_REPORT` structure, signed by the Secure Processor. Fields a verifier must look at include:
    * **`MEASUREMENT`**: The launch digest the Secure Processor computes over the initial guest memory and VM state. A verifier compares it with the expected value for the image it trusts; a mismatch means different code or configuration was loaded.
    * **`REPORT_DATA`**: 64 bytes supplied by the guest when it requests the report. Nitride uses it to bind the report to the `Nonce` and `Data` below, so a report cannot be reused for another request.
    * **`POLICY`**: The guest policy the firmware enforces, for example whether debugging or migration is permitted and whether SMT is allowed. A verifier should reject a report whose policy permits debugging.
    * **`SIGNATURE`**: An ECDSA P-384 signature over the preceding fields, made with the VCEK or the VLEK; the report's `SIGNING_KEY` field says which. Either key's certificate chains back to AMD's root key (ARK), the hardware root of trust.
* `Vlek` (Base64 Encoded)
  * The DER-encoded VLEK certificate whose public key verifies `SIGNATURE`. See the VLEK certificate section below.
* `Data` (Base64 Encoded)
  * User-provided data that Nitride binds into the hardware report to prevent replay.
  * **Decoded:** `{"Nonce":"dump","Data":null}`
    * **`Nonce`**: A value chosen by the party requesting the report, here the literal `dump` passed to `generate`. A verifier confirms that the nonce it chose for this request is the one bound into the report; an older report cannot satisfy a fresh nonce. For a real request, use a fresh random nonce rather than a fixed string, since a predictable nonce defeats the replay check.
    * **`Data`**: An optional field for additional user data; `null` when none was passed.
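
To make the fields above concrete, here is an added Go example (my code, not Nitride's or AMD's) that takes a dump in the JSON shape shown earlier, decodes `Data`, parses the raw `Report` bytes at the offsets from the AMD SEV-SNP ABI specification, and refuses the report unless the requested nonce is bound into `REPORT_DATA`, the `SIGNING_KEY` flag says VLEK, and the guest policy forbids debugging. The sample dump is constructed in code (unsigned, with a fixed stand-in measurement), and how Nitride maps the `Data` JSON into the 64-byte `REPORT_DATA` field is an assumption here (SHA-512 of the JSON bytes): replace `expectedReportData` with Nitride's real encoding before using this against hardware output.

```go
package main

import (
	"bytes"
	"crypto/sha512"
	"encoding/binary"
	"encoding/json"
	"fmt"
)

// Dump mirrors the members of the `vhsm nitride attestation generate` output used
// here (key names from the page's example); encoding/json base64-decodes []byte.
type Dump struct {
	Attestation struct {
		Report []byte `json:"Report"`
		Data   []byte `json:"Data"`
	} `json:"Attestation"`
}

// DataField is the JSON carried (base64-encoded) in Attestation.Data.
type DataField struct {
	Nonce string          `json:"Nonce"`
	Data  json.RawMessage `json:"Data"`
}

const reportLen = 0x4A0 // sizeof(ATTESTATION_REPORT) = 1184 bytes

// SnpReport holds the ATTESTATION_REPORT fields a verifier inspects (offsets per
// the AMD SEV-SNP ABI spec); SIGNATURE at 0x2A0 is verified separately.
type SnpReport struct {
	Policy      uint64
	SigningKey  uint32   // 0 = VCEK, 1 = VLEK, 7 = none
	ReportData  [64]byte // guest-supplied when the report was requested
	Measurement [48]byte // launch digest of the initial guest memory
}

func ParseSnpReport(raw []byte) (*SnpReport, error) {
	if len(raw) != reportLen {
		return nil, fmt.Errorf("report is %d bytes, want %d", len(raw), reportLen)
	}
	r := &SnpReport{
		Policy:     binary.LittleEndian.Uint64(raw[0x008:]),
		SigningKey: (binary.LittleEndian.Uint32(raw[0x048:]) >> 2) & 0x7, // flags bits 4:2
	}
	copy(r.ReportData[:], raw[0x050:0x090])
	copy(r.Measurement[:], raw[0x090:0x0C0])
	return r, nil
}

// Guest policy bits: 16 = SMT allowed, 18 = MIGRATE_MA, 19 = DEBUG, 20 = SINGLE_SOCKET.
func (r *SnpReport) DebugAllowed() bool { return r.Policy&(1<<19) != 0 }

// expectedReportData is this example's ASSUMED binding of Data into the 64-byte
// REPORT_DATA field (SHA-512 of the Data JSON); confirm Nitride's real encoding first.
func expectedReportData(data []byte) [64]byte { return sha512.Sum512(data) }

// InspectDump applies the checks a relying party wants before trusting a dump:
// fresh nonce bound into REPORT_DATA, VLEK-signed, debugging disabled by policy.
func InspectDump(dumpJSON []byte, wantNonce string) (*SnpReport, error) {
	var d Dump
	if err := json.Unmarshal(dumpJSON, &d); err != nil {
		return nil, err
	}
	var df DataField
	if err := json.Unmarshal(d.Attestation.Data, &df); err != nil || df.Nonce != wantNonce {
		return nil, fmt.Errorf("nonce %q does not match requested %q", df.Nonce, wantNonce)
	}
	r, err := ParseSnpReport(d.Attestation.Report)
	if err != nil {
		return nil, err
	}
	if want := expectedReportData(d.Attestation.Data); !bytes.Equal(r.ReportData[:], want[:]) {
		return nil, fmt.Errorf("REPORT_DATA is not bound to the Data field (possible replay)")
	}
	if r.SigningKey != 1 {
		return nil, fmt.Errorf("report not signed with a VLEK (SIGNING_KEY=%d)", r.SigningKey)
	}
	if r.DebugAllowed() {
		return nil, fmt.Errorf("guest policy %#x permits debugging", r.Policy)
	}
	return r, nil
}

// SampleDump builds a CONSTRUCTED, unsigned dump in the page's JSON shape so the
// checks run offline; it is not output from real hardware.
func SampleDump(nonce string, policy uint64, signingKey uint32) []byte {
	data, _ := json.Marshal(DataField{Nonce: nonce, Data: json.RawMessage("null")})
	raw := make([]byte, reportLen)
	binary.LittleEndian.PutUint64(raw[0x008:], policy)
	binary.LittleEndian.PutUint32(raw[0x048:], signingKey<<2)
	rd := expectedReportData(data)
	copy(raw[0x050:], rd[:])
	copy(raw[0x090:], bytes.Repeat([]byte{0xAB}, 48)) // stand-in launch digest
	var d Dump
	d.Attestation.Report, d.Attestation.Data = raw, data
	out, _ := json.Marshal(d)
	return out
}
```

`InspectDump(dumpJSON, "dump")` returns the parsed report or the first failing check; `SampleDump("dump", 0x30000, 1)` produces a dump with the common guest policy (SMT permitted, debugging off) flagged as VLEK-signed, and flipping policy bit 19 or passing signing key 0 makes the check fail. Signature verification is deliberately left out of this block because it needs the public key from the `Vlek` certificate.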

#### Vlek (Versioned Loaded Endorsement Key) certificate

The VLEK is an attestation signing key that AMD derives for a specific cloud provider and that the provider loads onto the Secure Processor of its hosts. Its certificate is issued by AMD, not by AWS, as the `Issuer` below shows: the VLEK chains to AMD's ASVK (AMD SEV VLEK Signing Key) and from there to the AMD root key (ARK). A verifier therefore still ends at AMD's hardware root of trust, through the provider-specific branch of the chain rather than the per-chip VCEK branch.

* **Purpose**: The VLEK ties the report to AWS's fleet: AMD issues the key only for that provider, and only AMD firmware on a genuine Secure Processor can sign with it. The public key in this certificate verifies the `SIGNATURE` of the `Report`; the certificate itself must be validated against AMD's ASVK and ARK for the `Milan` product line.
* **Certificate Details (Decoded)**:
  * **`Subject`**: `CN=SEV-VLEK, O=Advanced Micro Devices, Inc., ...`
    * Identifies the certificate as a VLEK for an AMD SEV platform.
  * **`Issuer`**: `CN=SEV-VLEK-Milan, O=Advanced Micro Devices, Inc., ...`
    * The AMD signing CA for Milan VLEKs. The issuer is AMD, which is why the chain validates against AMD's published certificates rather than anything AWS publishes.
  * **`Validity`**: `Jun 10 02:30:15 2025 GMT` to `Jun 10 02:30:15 2026 GMT`
    * The window during which this VLEK is considered valid; a verifier checks the current time against it using a trusted clock.
  * **`Extensions`**: Custom fields carrying metadata a verifier should pin.
    * `1.3.6.1.4.1.33136.2.2.1`: Product name (`Milan`); it must match `Product` in the attestation object.
    * `1.3.6.1.4.1.33136.2.2.2`: AWS endpoint (`cc-eu-west-1.amazonaws.com`), indicating that the report originated from the `eu-west-1` region.
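
The signature check that ties the report to the VLEK, as an added Go example (my code, not Nitride's or AMD's): the Secure Processor signs the first 0x2A0 bytes of the report with ECDSA P-384 over SHA-384 and stores R and S as 72-byte little-endian integers in the `SIGNATURE` field, so the verifier parses the DER certificate from `Vlek`, takes its P-384 public key, and checks that signature. Because no AMD-issued key is available offline, the example generates a throwaway P-384 key and a self-signed certificate (both labelled as constructed in the code) that stand in for the VLEK and its certificate, and signs a constructed report with it. The chain validation to AMD's ASVK and ARK and the validity-window and extension checks described above are not performed here.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha512"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

const (
	reportLen    = 0x4A0 // full ATTESTATION_REPORT
	signedLen    = 0x2A0 // everything before the SIGNATURE field is what gets signed
	sigComponent = 72    // R and S are each stored as 72-byte little-endian integers
)

// reverse flips byte order: the PSP stores R and S little-endian, big.Int wants big-endian.
func reverse(b []byte) []byte {
	out := make([]byte, len(b))
	for i, v := range b {
		out[len(b)-1-i] = v
	}
	return out
}

// VerifyReportSignature checks a report against the public key of its endorsement
// certificate (the VLEK here): ECDSA P-384 over SHA-384 of the first 0x2A0 bytes,
// with R and S read from the SIGNATURE field.
func VerifyReportSignature(report, vlekDER []byte) error {
	if len(report) != reportLen {
		return fmt.Errorf("report is %d bytes, want %d", len(report), reportLen)
	}
	cert, err := x509.ParseCertificate(vlekDER)
	if err != nil {
		return fmt.Errorf("VLEK certificate: %w", err)
	}
	pub, ok := cert.PublicKey.(*ecdsa.PublicKey)
	if !ok || pub.Curve != elliptic.P384() {
		return errors.New("VLEK public key is not ECDSA P-384")
	}
	sig := report[signedLen:]
	r := new(big.Int).SetBytes(reverse(sig[:sigComponent]))
	s := new(big.Int).SetBytes(reverse(sig[sigComponent : 2*sigComponent]))
	digest := sha512.Sum384(report[:signedLen])
	if !ecdsa.Verify(pub, digest[:], r, s) {
		return errors.New("signature does not verify under the VLEK public key")
	}
	return nil
}

// --- Constructed fixtures: a throwaway key and self-signed certificate stand in
// for the AMD-issued VLEK so the verifier path can be exercised offline. ---

func NewFakeVLEK() (*ecdsa.PrivateKey, []byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "SEV-VLEK", Organization: []string{"constructed example"}},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	return key, der, err
}

// SignFakeReport fills the SIGNATURE field the way the PSP would, given a report body.
func SignFakeReport(body []byte, key *ecdsa.PrivateKey) ([]byte, error) {
	report := make([]byte, reportLen)
	copy(report[:signedLen], body)
	digest := sha512.Sum384(report[:signedLen])
	r, s, err := ecdsa.Sign(rand.Reader, key, digest[:])
	if err != nil {
		return nil, err
	}
	copy(report[signedLen:], reverse(r.FillBytes(make([]byte, sigComponent))))
	copy(report[signedLen+sigComponent:], reverse(s.FillBytes(make([]byte, sigComponent))))
	return report, nil
}

func main() {
	key, vlekDER, err := NewFakeVLEK()
	if err != nil {
		panic(err)
	}
	report, err := SignFakeReport([]byte("constructed report body"), key)
	if err != nil {
		panic(err)
	}
	fmt.Println("untouched report:", VerifyReportSignature(report, vlekDER))
	report[0x090] ^= 0x01 // flip one bit inside MEASUREMENT
	fmt.Println("tampered report: ", VerifyReportSignature(report, vlekDER))
}
```

Run it and the untouched report verifies while the copy with one flipped `MEASUREMENT` bit does not. In a real verifier, replace `NewFakeVLEK` with the DER bytes from the dump's `Vlek` field and, before trusting the key, validate that certificate against AMD's ASVK and ARK for the `Milan` product and check its validity window.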


