Production Setup
The Quickstart guide for the Anjuna Confidential Container focused on a development workflow.
This section will focus on considerations for production deployment.
Anjuna Policy Manager
Remote attestation at boot-time
It is recommended to configure each application to fetch at least one secret from the Anjuna Policy Manager (APM). This ensures that the APM performs remote attestation on each new Anjuna Confidential Container to confirm it is running the expected software in a secure enclave.
Continuous Integration (CI)
The Anjuna CLI disk create command builds the disk image that will be measured and deployed.
It should be run on a trusted and secure build server.
An attacker who gains access to the build server could create and sign malicious disk images. If you have authorized APM policies based only on the signature, then the attacker will be able to create malicious enclaves which can read the associated secrets.
Continuous Deployment (CD)
The Anjuna CLI instance create command uses the Azure API to launch Azure Confidential VMs.
This requires Azure API permissions to create new VM instances.
Monitoring and observability
By design, the Anjuna Confidential Containers created by the Anjuna CLI do not run an SSH server, so you will not be able to directly access log files on the instance. To ensure you can identify and troubleshoot issues with your running application, you can use log aggregation tools like Logstash or Fluentd, or observability tools like OpenTelemetry.