Setup

Note: If you started Nitride with the vhsm nitride init command, it performs a series of operations to configure and secure your environment:

  1. Creates essential Nitride identities, including platform, firmware, and workload.

  2. Creates and attaches a Nitride policy from an embedded policy configuration.

  3. Generates attestation objects based on your setup.

  4. Bootstraps the environment to allow secure workload attestation and the issuance of access tokens with the appropriate permissions.

Create an Attestation Policy

Define the policy and metadata for the attestation session in a JSON file. Create an attestation.json file using an editor of your choice.

{
  "name": "Azure MariaDB",
  "description": "A small Azure VM running MariaDB",
  "events": "http://localhost:8000",
  "policy": "azure-dc2asv5-raw"
}

Output

Key            Value
---            -----
created        1752752829
description    A small Azure VM running MariaDB
events         http://localhost:8000
name           Azure MariaDB
namespace      n/a
nonce          E5a8XdpQhg7f9ET0VMXIJT6HftUrvMWCob2Ki4B5EyEKn_MrekFjYRO_NzKc_ppUcSIXGSptY0bVrrI1tAQt_g==
policy         azure-dc2asv5-raw
updated        1752752873
uuid           f43042c2-3ac6-43fd-be0a-efbfd2c5b419

In this output, the UUID f43042c2-3ac6-43fd-be0a-efbfd2c5b419 uniquely identifies the attestation session, which is attached to the policy azure-dc2asv5-raw.
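A post-creation check, added here as an example and not part of the Nitride documentation or tooling: it parses the Key/Value output above and confirms that the session echoes the fields from attestation.json, that the UUID is well-formed, and that the nonce decodes. The set of fields returned unchanged and the nonce encoding (URL-safe base64) are assumptions inferred from the sample output, and the function names are hypothetical.

```python
import base64
import json
import uuid

# attestation.json exactly as shown on this page.
ATTESTATION_JSON = """{
  "name": "Azure MariaDB",
  "description": "A small Azure VM running MariaDB",
  "events": "http://localhost:8000",
  "policy": "azure-dc2asv5-raw"
}"""

# Output table exactly as shown on this page.
SESSION_OUTPUT = """\
Key            Value
---            -----
created        1752752829
description    A small Azure VM running MariaDB
events         http://localhost:8000
name           Azure MariaDB
namespace      n/a
nonce          E5a8XdpQhg7f9ET0VMXIJT6HftUrvMWCob2Ki4B5EyEKn_MrekFjYRO_NzKc_ppUcSIXGSptY0bVrrI1tAQt_g==
policy         azure-dc2asv5-raw
updated        1752752873
uuid           f43042c2-3ac6-43fd-be0a-efbfd2c5b419
"""

ECHOED = ("name", "description", "events", "policy")  # assumption: returned unchanged

def parse_table(text):
    """Turn the two-column Key/Value table into a dict (values may contain spaces)."""
    rows = (line.split(None, 1) for line in text.splitlines())
    return {r[0]: r[1].strip() for r in rows if len(r) == 2 and r[0] not in ("Key", "---")}

def check_session(request, session):
    """Return a list of mismatches; an empty list means the session matches the request."""
    problems = [f"{k}: sent {request.get(k)!r}, got {session.get(k)!r}"
                for k in ECHOED if session.get(k) != request.get(k)]
    try:
        uuid.UUID(session.get("uuid", ""))
    except ValueError:
        problems.append("uuid: not a well-formed UUID")
    try:  # assumption: the nonce is URL-safe base64, as its '_' characters suggest
        if not base64.b64decode(session.get("nonce", ""), altchars=b"-_", validate=True):
            problems.append("nonce: empty")
    except ValueError:
        problems.append("nonce: not valid URL-safe base64")
    return problems

def load_samples():
    """Parse the two samples embedded above into (request, session) dicts."""
    return json.loads(ATTESTATION_JSON), parse_table(SESSION_OUTPUT)

if __name__ == "__main__":
    print(check_session(*load_samples()) or "session matches attestation.json")
```

Running the same check after every session creation catches a session that was attached to a different policy than the one requested before any workload relies on its UUID.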
