Amazon EC2 支援 NitroTPM 與 UEFI Secure Boot
source link: https://blog.gslin.org/archives/2022/05/27/10721/amazon-ec2-%e6%94%af%e6%8f%b4-nitrotpm-%e8%88%87-uefi-secure-boot/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Amazon EC2 支援 NitroTPM 與 UEFI Secure Boot
也是在清 RSS reader 的時候翻到的公告,在兩個禮拜前 AWS 宣佈 Amazon EC2 支援 NitroTPM 與 UEFI Secure Boot:「Amazon EC2 Now Supports NitroTPM and UEFI Secure Boot」。
NitroTPM 相容於 TPM 2.0 的界面,所以有支援 TPM 2.0 的軟體都可以利用 (像是 Windows 11):
Nitro Trusted Platform Module (NitroTPM) is a virtual device that is provided by the AWS Nitro System and conforms to the TPM 2.0 specification.
之前在研究 LUKS 的時候也有看到 TPM 相關的資料:
Linux Unified Key Setup (LUKS) or dm-verity on Linux are examples of OS-level applications that can leverage NitroTPM too.
然後支援的平台有些限制,只有 Intel 與 AMD 的平台有支援,而且還要扣掉 Xen、Mac 以及 bare metal 的機種:
At the moment, we support all Intel and AMD instance types that supports UEFI boot mode. Graviton1, Graviton2, Xen-based, Mac, and bare-metal instances are not supported.
ARM 那邊有自己的一套,不太玩 TPM 大概可以理解,Xen 大概是不想支援 (停止開發新功能之類的原因),Mac 可能是 Apple 的硬體限制,最後的 bare metal 是因為沒辦法虛擬化?
然後這個功能不另外收費,看起來幾乎是全球性一次更新:
There is no additional cost for using NitroTPM. It is available today in all AWS Regions, including the AWS GovCloud (US) Regions, except in China.
Related
AWS 推出 c7g 機種
AWS 在 Amazon EC2 產品線上推出了新一代的 ARM 產品,AWS Graviton3 架構,c7g 系列機種:「New – Amazon EC2 C7g Instances, Powered by AWS Graviton3 Processors」。 Graviton3 宣稱比 Graviton2 多 25% 的一般性效能,以及多了一倍的浮點效能,還有 DDR5 的頻寬優勢: Our next generation, Graviton3 processors, deliver up to 25 percent higher performance, up to 2x higher floating-point performance, and 50 percent faster…
May 24, 2022In "AWS"
EC2 總算支援透過 Serial Console 操作了...
以往 Amazon EC2 的機器爛到開不起來時只能「看」到 Console 的輸出,然後要把 root volume 掛到其他機器上修正,接著再掛回來 (然後沒修好就要再重複...),現在總算可以透過 EC2 Serial Console 來操作了:「Troubleshoot Boot and Networking Issues with New EC2 Serial Console」。 不過裡面有一些限制,首先機器必須是基於 AWS Nitro System,這個部份在「Amazon EC2 Instance Types」這邊可以翻到是不是 Nitro,比較新的 family type 應該都是 (像是 t3/t3a/t4g 都是 Nitro,但 t2 不是): EC2 Serial Console access is available for EC2 instances based…
March 31, 2021In "AWS"
Amazon EC2 推出 c6a 的機器
Amazon EC2 以新的 AMD 架構 (雖然也推出一陣子了) 的機器推出 c 系列的機種,代號為 c6a:「New – Amazon EC2 C6a Instances Powered By 3rd Gen AMD EPYC Processors for Compute-Intensive Workloads」。 價位上與 c5a 相比便宜一點點,是真的一點點:在 us-east-1 的 c5a.24xlarge 是 US$3.696/hr,而 c6a.24xlarge 是 US$3.672,差 0.65% 左右... (千分之六點五 XD) 所以宣稱的 15% 基本上都是從 CPU 效能提昇貢獻的: Up to 15 percent improvement…
February 15, 2022In "AWS"
Leave a Reply
Your email address will not be published. Required fields are marked *
Comment *
Name *
Email *
Website
Notify me of follow-up comments by email.
Notify me of new posts by email.
To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Learn More)
Post navigation
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK