
Confidential Azure Kubernetes Service (AKS)

Microsoft Azure

A convenient way to operate SCONE-based applications is to use Azure Kubernetes Service (AKS). SCONE is fully compatible with AKS. Very soon, we will release new features that make it easier to use some of the advanced AKS features:

  • enable Microsoft Azure Attestation (MAA) - as an alternative to using native Intel DCAP - via the SCONE CAS policy, and
  • enable retrieval of secrets from Azure Key Vault (AKV) via SCONE CAS policies.

This will simplify the development and operation of confidential applications. For example, one can develop an application in a local Kubernetes cluster and operate the same application in AKS. In the local cluster, one uses Intel DCAP-based attestation - which ships with the SCONE platform - and secrets generated by SCONE CAS. On AKS, one can use MAA (or native Intel DCAP) for attestation and retrieve secrets from AKV - via a simple SCONE CAS policy change. This means that there is no need to modify the application. For example, one can inject the secrets retrieved from AKV into configuration files as usual.

In the next sections, we introduce examples on how to execute SCONE-based applications on AKS. This includes

Standard Languages

SCONE supports the following programming languages:

Standard Applications (SconeApps)

We support a variety of applications on AKS that can be deployed with Helm, and will add more over time:

  • database: Umbrella chart to deploy a scalable, confidential database consisting of MariaDB SCONE, MaxScale SCONE and HAProxy
  • mariadb: Deploy MariaDB SCONE, i.e., MariaDB running inside of SGX enclaves, to Kubernetes
  • maxscale: Deploy MaxScale SCONE, i.e., MaxScale running inside of SGX enclaves and, optionally, an HAProxy as Ingress
  • memcached: Deploy memcached inside of SGX enclaves; generate and inject TLS certificates to secure communication
  • openvino: OpenVINO (Open Visual Inference and Neural network Optimization) is a toolkit facilitating the optimization and deployment of Deep Learning models
  • pytorch: Deploy PyTorch inside of SGX enclaves
  • spark: Apache Spark is an open-source distributed general-purpose cluster-computing framework
  • tensorflow: Machine Learning framework by Google
  • tensorflowlite: Deploy machine learning models
  • Visual Studio Code: Deploy Visual Studio Code and the SCONE CrossCompiler to be able to edit and run your confidential applications inside of a Kubernetes cluster
  • Zookeeper: Deploy a Zookeeper cluster inside of SGX enclaves

Individual Applications

We show next how to sconify an existing container image such that

  • the application can be executed securely inside of an SGX enclave, and
  • all files are encrypted by SCONE.

The community edition requires an already sconified binary taken from another image, while the standard edition can convert an existing binary to run inside of SGX enclaves.

Setup Steps

  • First, you need to get access to confidential AKS.

  • Second, you need to set up helm, SGX Plugin, and LAS. Note that you can use the AKS SGX Plugin instead of the SCONE SGX Plugin.

    To run LAS on Azure Ice Lake machines (standalone VMs or AKS node pools) and perform the local attestation of SCONE applications, some Azure-specific libraries are required. For that reason, we provide a special image built for Azure, which must be used when running on Azure: registry.scontain.com/sconecuratedimages/kubernetes:las.microsoft-azure.

  • Third, you deploy your application or one of the SconeApps, such as MariaDB.
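The practical point of the second step is that LAS must run from the Azure-specific image on Azure nodes; a deployment that silently falls back to a generic image will fail local attestation there. The following shell script is an added example written for this page, not code from the SCONE documentation or the SCONE project. It derives the platform from a node's Kubernetes providerID, selects the LAS image accordingly, and renders a minimal DaemonSet manifest. Only the Azure image name comes from the page; the generic image tag `las`, the namespace `scone-system`, the DaemonSet layout and the EPC resource request are assumptions made for the example, and the sample providerID is a constructed value.

```shell
#!/bin/sh
# Added example (not from the SCONE docs or project): pick the LAS image for the
# platform a cluster runs on and render a DaemonSet manifest for it.

# Image the page prescribes for Azure Ice Lake VMs and AKS node pools.
AZURE_LAS_IMAGE="registry.scontain.com/sconecuratedimages/kubernetes:las.microsoft-azure"
# Assumed generic LAS image for non-Azure clusters (e.g. a local DCAP setup).
GENERIC_LAS_IMAGE="registry.scontain.com/sconecuratedimages/kubernetes:las"

# Map a node's spec.providerID to a platform name.
# AKS nodes report providerIDs of the form azure:///subscriptions/...
platform_from_provider_id() {
  case "$1" in
    azure://*) echo azure ;;
    *)         echo generic ;;
  esac
}

# Print the LAS image for a platform. Unknown input is an error rather than a
# fallback, so a typo can never deploy the generic image onto Azure nodes.
las_image_for_platform() {
  case "$1" in
    azure)   echo "$AZURE_LAS_IMAGE" ;;
    generic) echo "$GENERIC_LAS_IMAGE" ;;
    *)       echo "unknown platform: $1" >&2; return 1 ;;
  esac
}

# Render a DaemonSet that runs LAS on every SGX node. The resource name
# sgx.intel.com/epc is the one exposed by the SGX device plugin on AKS; the
# 10Mi limit and the namespace are assumptions for this example.
render_las_daemonset() {
  image=$(las_image_for_platform "$1") || return 1
  cat <<EOF
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: las
  namespace: scone-system
spec:
  selector:
    matchLabels:
      app: las
  template:
    metadata:
      labels:
        app: las
    spec:
      containers:
        - name: las
          image: $image
          resources:
            limits:
              sgx.intel.com/epc: 10Mi
EOF
}

# Constructed sample providerID in the shape AKS reports (all ids are dummies).
SAMPLE_PROVIDER_ID="azure:///subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg/providers/Microsoft.Compute/virtualMachineScaleSets/aks-pool/virtualMachines/0"

# Usage against a real cluster (NODE is any SGX node name):
#   pid=$(kubectl get node "$NODE" -o jsonpath='{.spec.providerID}')
#   render_las_daemonset "$(platform_from_provider_id "$pid")" | kubectl apply -f -
```

Reading the platform from the node object rather than from a hand-maintained variable keeps the Azure image choice tied to where the pods will actually be scheduled, which is the check a reviewer wants before the LAS rollout reaches a mixed or migrated cluster.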