# Attestation Blueprint

Namespace-based attestation enables secure isolation and management of workloads in multi-tenant environments. Each namespace acts as a logical boundary where policies, identities, and attestations are scoped and enforced independently. This approach is crucial for least privilege, compliance, and scalability, especially when managing sensitive workloads across different teams, applications, or tenants.

You would use namespace-based attestation when:

* You operate in a multi-team or multi-tenant setup, where each unit needs separate trust anchors and policies.
* You want to enforce strong isolation between workloads in dev, staging, and production.
* You're aiming to **audit or track attestations** in a granular way by environment or responsibility.

This ensures that only trusted, verified workloads run in each namespace—backed by signed evidence, TOTP validation, and optional annotations.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.enclaive.cloud/nitride/tutorials/attestation-blueprint.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.