Intel Trust Authority Client Tutorial - Intel TDX Attestation on GCP
· 12/19/2024 ·
This tutorial provides steps to deploy a demo app that uses the Intel® Trust Authority client when securing an application using Intel® Trust Domain Extensions (Intel® TDX) on on Google Cloud Platform***** (GCP).
The demo application, built for Intel TDX, uses the Intel Trust Authority client to retrieve evidence from the platform and request an attestation from Intel Trust Authority. This demonstrates a simple passport attestation model (stopping before involving a relying party). The application's output is the resulting attestation token. The demo application can be used as a workflow reference for your applications.
Creating a CVM with Intel TDX on GCP
Create a Confidential VM (CVM) that supports Intel TDX on GCP, with the following attributes:
Virtual machine name - Give your virtual machine a name
Machine type: c3-standard-4
Zone: us-central1-a
Confidential compute type: TDX
Maintenance policy: TERMINATE
Image family: ubuntu-2204-lts
Image project: ubuntu-os-cloud
Note
The availability of confidential VMs with Intel TDX images and sizes in specific regions and availability zones is dynamic and may change. This tutorial uses US Cental a as an example. If you're outside North America, you may need to select a different region and availability zone. Check the Google Products by Region page to find the regions and availability zones with available Confidential VM with Intel TDX support.
To get a list of compute images for Intel TDX, use the following command in Cloud Shell.
gcloud compute images list --filter="guestOsFeatures[].type:(TDX_CAPABLE)"
To create a GCP CVM with Intel TDX, perform the following steps.
Sign in to GCP here.
Select the option to Create a VM.
Open the Cloud Shell by selecting the terminal icon in the upper right of the screen. The Cloud Shell terminal displays.
The following is an example of creating a CVM in the Cloud Shell with Ubuntu* 22.04 LTS Intel TDX.
gcloud compute instances create gcp-tdx-vm \ --machine-type=c3-standard-4 \ --zone=us-central1-a \ --confidential-compute-type=TDX \ --maintenance-policy=TERMINATE \ --image-family=ubuntu-2204-lts \ --image-project=ubuntu-os-cloud
Once the CVM is created, you should have information display details in the Cloud Shell such as name, zone, machine type, IP addresses, and status. Refresh the browser to view the CVM in the VM Instances list.
Connect to the CVM via SSH
After the CVM is created, exit the Cloud Shell terminal and connect to the CVM via SSH. You can connect in the browser with the following steps.
Select the drop-down arrow for SSH in the Connect category for your VM.
Select Open in browser window.
After this selection, you will have a SSH in browser window display. In this step, another window displays with a button for you to Authorize.
Select the Authorize button. After authorization you will have a terminal display, in the browser, connected via SSH to your CVM.
GCP CVM Intel TDX prerequisites
In this section, you will verify tdx is active, install required packages, and login to github.
To verify that the CVM is Intel TDX enabled, use the following command. This should print
Memory Encryption Features active: TDX. If this is missing, Intel TDX is not enabled. In that case, check to see that the parameters are correct.sudo dmesg | grep -i tdx
CVM setup is now complete. You can now proceed to install the Intel Trust Authority Attestation Client CLI.
Install and configure the Attestation Client CLI
The Intel Trust Authority CLI client provides a command-line wrapper for Golang client libraries. Follow these steps to install and configure the Intel Trust Authority Attestation Client CLI.
Go 1.22 or later is required to run the Attestation Client CLI. The following commands install Go on Ubuntu 22.04 LTS.
wget https://go.dev/dl/go1.23.1.linux-amd64.tar.gz;ls sudo tar -xvf go1.23.1.linux-amd64.tar.gz -C /usr/local export PATH=$PATH:/usr/local/go/binVerify that Go is installed correctly by running
go version. The output should be similar togo version go1.23.1 linux/amd64.Install the Attestation Client CLI. This script will install the Attestation Client CLI and its dependencies. You might need to restart one or more services.
curl -sL https://raw.githubusercontent.com/intel/trustauthority-client-for-go/main/release/install-tdx-cli.sh | sudo bash -
Verify the Attestation Client CLI is installed correctly by running trustauthority-cli version.
Configure your API key and any desired policy to evaluate. Set the attestation API key and attestation endpoint.
Create config.json.
touch config.jsonYou must configure certain properties before using the token and verify commands. The properties and values are saved as JSON in config.json. The config.json requires the following properties:
cat <<EOF> config.json { "trustauthority_api_url": "https://api.trustauthority.intel.com", "trustauthority_api_key": "<attestation api key>" } EOFNote
If you are in the European Union (EU) region, use the following Intel Trust Authority URL:
"trustauthority_api_url": "https://api.eu.trustauthority.intel.com"
Demonstrate attestation of Intel TDX on GCP
This section takes you through the steps to attest your confidential virtual machine (CVM) with the Intel Trust Authority Attestation Client CLI.
Display evidence for Intel TDX. This displays the evidence that would be sent to the Intel Trust Authority verifier for attestation.
sudo trustauthority-cli evidence --tdx -c config.json[DEBUG] GET https://api.trustauthority.intel.com/appraisal/v2/nonce { "tdx": { "runtime_data": null, "quote": "BA... AA=", "event_log": "W3...1d=", "verifier_nonce": { "val": "cV...Q==", "iat": "M...EM=", "signature": "vc...L" } } }Generate an Intel TDX attestation token. The token command automatically collects evidence from TDX, and sends it to Intel Trust Authority for attestation. The output will be an attestation token containing the claims for Intel TDX.
sudo trustauthority-cli token -c config.json
You can experiment with the other trustauthority-cli commands. To see them all, run trustauthority-cli --help. When you're done experimenting, you can delete the resource group to free up all the resources you created for this tutorial.
For more information about Intel TDX see the Intel TDX main page.
For more information, see the Intel Trust Authority Attestation Client CLI documentation.
* Other names and brands may be claimed as the property of others.