Introduction

Confidential VM technology such as Google Cloud Platform (GCP) Confidential VM and Microsoft Azure Confidential VM provides a way to run applications in a virtual machine on AMD Secure Encrypted Virtualization (SEV) systems. This enables application developers to use hardware-accelerated memory encryption for data-in-use to prevent access to the memory and CPU of the running applications.

Using the Anjuna Seaglass Platform, you can create an Anjuna Confidential Container, which augments the architecture provided by the cloud service provider. The Anjuna Confidential Container securely runs an existing containerized application in a GCP Confidential VM or Azure Confidential VM, including securely distributing secrets to that application. No application changes are required.

In this document, you will learn about using the Anjuna CLI for SEV to build and run an Anjuna Confidential Container.

About this Document

This guide is structured as follows:

Quickstart Guide for the Anjuna Confidential Container explains how to obtain and set up the Anjuna CLI for SEV. It walks you through using the Anjuna CLI to create and run an Anjuna Confidential Container, which is protected by a secure enclave.
Advanced Topics delves into attestation and secrets management.
The Command Reference is a reference to the command-line tools distributed with the Anjuna software.
The Configuration Reference explains the configuration options used to control the behavior of the Anjuna Confidential Container.