Production setup

The Quickstart guide for the Anjuna Confidential Container focused on a development workflow.

This section focuses on considerations for production deployment.

Anjuna Policy Manager

Remote attestation at boot-time

It is recommended to configure each application to fetch at least one secret from the Anjuna Policy Manager (APM). This ensures that the APM performs remote attestation on each new Anjuna Confidential Container to confirm it is running the expected software in a secure enclave.

Continuous Integration (CI)

The Anjuna CLI disk create command builds the disk image that will be measured and deployed. It should be run on a trusted and secure build server.

An attacker who gains access to the build server could create and sign malicious disk images. If your APM policies authorize enclaves based only on the signature, the attacker can then create malicious enclaves that read the associated secrets.

Continuous Deployment (CD)

The Anjuna CLI instance create command uses your cloud service provider’s API to launch Anjuna Confidential Containers. This requires Microsoft Azure or Google Cloud API permissions to create new VM instances.

Monitoring and observability

By design, the Anjuna Confidential Containers created by the Anjuna CLI do not run an SSH server, so you will not be able to directly access log files on the instance. To ensure you can identify and troubleshoot issues with your running application, you can use log aggregation tools like Logstash or Fluentd, or observability tools like OpenTelemetry.