Assigning GPU to Nitro Enclaves #517
Comments
|
Is this still not supported? If not, is it on the roadmap? It would be nice to have an issue to track for this. |
|
+1 |
1 similar comment
|
+1 |
|
Please see this: #543 (comment) |
|
This should be set as a top priority for AWS cloud now, in the light of AI technologies evolving and the appearance of first GPU TEE discrete adapters (Hopper H100 and Blackwell H200 architectures from NVidia) for CC (confidential computing mode) on GPU, and 'cause P5 and P5e EC2 instances with H100 already available in AWS cloud. But looks like Nitro is still not support GPU TEE for AWS cloud and not support enabling discrete adapters on a PCI bus, although the NSM module itself is a virtual (virtio based) PCI device to interact with Nitro hypervisor (hope its code will be published as well, as it is based on KVM - this will improve the chain of trust and will gives improved attestation for all components of the Nitro platform). There are other options available - the KVM/QEMU VMs with support for AMD SEV-SNP or Intel TDX, VM based CPU TEE, and NVidia's Hopper/Blackwell MIG TEE enabled with NVtrust. Guys and gals, you definitely should take this into more closer consideration and implement it ASAP in near perspective. |
Hi, I've been studying using AWS for a while and I'm particularly interested in the Enclaves feature of Nitro system. However, I haven't found a way to attach GPU to a Enclave under a parent instance. Is it possible to attach a vGPU to a Enclave?
The text was updated successfully, but these errors were encountered: