

# AMD SEV-SNP for Amazon EC2 instances
<a name="sev-snp"></a>

AMD Secure Encrypted Virtualization-Secure Nested Paging (AMD SEV-SNP) is a CPU feature that provides the following properties:
+ **Attestation** – AMD SEV-SNP enables you to retrieve a signed attestation report that contains a cryptographic measure that can be used to validate the instance’s state and identity, and that it is running on genuine AMD hardware. For more information, see [Attest an Amazon EC2 instance with AMD SEV-SNP](snp-attestation.md).
+ **Memory encryption** – Starting with AMD EPYC (Milan), AWS Graviton2, and Intel Xeon Scalable (Ice Lake) processors, instance memory is always encrypted. Instances that are enabled for AMD SEV-SNP use an instance-specific key for their memory encryption.

**Topics**
+ [Concepts and terminology](#snp-concepts)
+ [Requirements](#snp-requirements)
+ [Considerations](#snp-considerations)
+ [Pricing](#snp-pricing)
+ [Find supported instance types](snp-find-instance-types.md)
+ [Enable AMD SEV-SNP](snp-work-launch.md)
+ [Attestation with AMD SEV-SNP](snp-attestation.md)

## Concepts and terminology
<a name="snp-concepts"></a>

Before you begin using AMD SEV-SNP, ensure that you are familiar with the following concepts and terminology.

**AMD SEV-SNP attestation report**  
The AMD SEV-SNP attestation report is a document that an instance can request from the CPU. The AMD SEV-SNP attestation report can be used to validate the state and identity of an instance, and to verify that it is running in a sanctioned AMD environment. The report includes a launch measurement, which is a cryptographic hash of the initial boot state of an instance, including its initial instance memory contents and initial state of the vCPUs. The AMD SEV-SNP attestation report is signed with a VLEK signature that chains back to an AMD root of trust.

**VLEK**  
The Versioned Loaded Endorsement Key (VLEK) is a versioned signing key that is certified by AMD and used by the AMD CPU to sign the AMD SEV-SNP attestation reports. VLEK signatures can be validated using certificates provided by AMD.

**OVMF binary**  
The Open Virtual Machine Firmware (OVMF) is the early-boot code that is used to provide a UEFI environment for the instance. The early-boot code is run before the code in the AMI is booted. The OVMF also finds and runs the boot loader provided in the AMI. For more information, see the [OVMF repository](https://github.com/tianocore/tianocore.github.io/wiki/OVMF).

## Requirements
<a name="snp-requirements"></a>

To use AMD SEV-SNP, you must do the following:
+ Use one of the following supported instance types:
  + **General purpose**: `m6a.large` | `m6a.xlarge` | `m6a.2xlarge` | `m6a.4xlarge` | `m6a.8xlarge`
  + **Compute optimized**: `c6a.large` | `c6a.xlarge` | `c6a.2xlarge` | `c6a.4xlarge` | `c6a.8xlarge` | `c6a.12xlarge` | `c6a.16xlarge`
  + **Memory optimized**: `r6a.large` | `r6a.xlarge` | `r6a.2xlarge` | `r6a.4xlarge`
+ Launch your instance in a supported AWS Region. Currently, only US East (Ohio) and Europe (Ireland) are supported.
+ Use an AMI with `uefi` or `uefi-preferred` boot mode and an operating system that supports AMD SEV-SNP. For more information about AMD SEV-SNP support on your operating system, refer to the respective operating system's documentation. For AWS, AMD SEV-SNP is supported on AL2023, RHEL 9.3, SLES 15 SP4, and Ubuntu 23.04 and later.

## Considerations
<a name="snp-considerations"></a>

You can only enable AMD SEV-SNP when you launch an instance. When AMD SEV-SNP is enabled for your instance launch, the following rules apply.
+ After it is enabled, AMD SEV-SNP can't be disabled. It remains enabled throughout the instance lifecycle.
+ You can only [change the instance type](ec2-instance-resize.md) to another instance type that supports AMD SEV-SNP.
+ Hibernation and Nitro Enclaves aren't supported.
+ Dedicated Hosts aren't supported.
+ If the underlying host for your instance is scheduled for maintenance, you'll receive a scheduled event notification 14 days before the event. You must manually stop or restart your instance to move it to a new host.

## Pricing
<a name="snp-pricing"></a>

When you launch an Amazon EC2 instance with AMD SEV-SNP enabled, you are charged an additional hourly usage fee that is equivalent to 10 percent of the [On-Demand hourly rate](https://aws.amazon.com/ec2/pricing/on-demand/) of the selected instance type.

This AMD SEV-SNP usage fee is a separate charge to your Amazon EC2 instance usage. Reserved Instances, Savings Plans, and operating system usage don't impact this fee. 

If you configure a Spot Instance to launch with [AMD SEV-SNP](#sev-snp) enabled, you are charged an additional hourly usage fee that is equivalent to 10 percent of the [On-Demand hourly rate](https://aws.amazon.com/ec2/pricing/on-demand/) of the selected instance type. If the allocation strategy uses price as an input, Spot Fleet does not include this additional fee; only the Spot price is used.

# Find EC2 instance types that support AMD SEV-SNP
<a name="snp-find-instance-types"></a>

You can find instance types that support AMD SEV-SNP. The Amazon EC2 console does not display this information for an instance type.

------
#### [ AWS CLI ]

**To find the instance types that support AMD SEV-SNP**  
Use the following [describe-instance-types](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instance-types.html) command.

```
aws ec2 describe-instance-types \
    --filters Name=processor-info.supported-features,Values=amd-sev-snp \
    --query 'InstanceTypes[*].[InstanceType]' \
    --output text | sort
```

The following is example output.

```
c6a.12xlarge
c6a.16xlarge
c6a.2xlarge
c6a.4xlarge
c6a.8xlarge
c6a.large
c6a.xlarge
m6a.2xlarge
m6a.4xlarge
m6a.8xlarge
m6a.large
m6a.xlarge
r6a.2xlarge
r6a.4xlarge
r6a.large
r6a.xlarge
```

------
#### [ PowerShell ]

**To find the instance types that support AMD SEV-SNP**  
Use the [Get-EC2InstanceType](https://docs.aws.amazon.com/powershell/latest/reference/items/Get-EC2InstanceType.html) cmdlet.

```
(Get-EC2InstanceType `
    -Filter @{Name="processor-info.supported-features"; Values="amd-sev-snp"}).InstanceType.Value | Sort-Object
```

The following is example output.

```
c6a.12xlarge
c6a.16xlarge
c6a.2xlarge
c6a.4xlarge
c6a.8xlarge
c6a.large
c6a.xlarge
m6a.2xlarge
m6a.4xlarge
m6a.8xlarge
m6a.large
m6a.xlarge
r6a.2xlarge
r6a.4xlarge
r6a.large
r6a.xlarge
```

------

# Enable AMD SEV-SNP for an EC2 instance
<a name="snp-work-launch"></a>

You can launch an instance with AMD SEV-SNP enabled. You can't enable AMD SEV-SNP after launch.

## Launch an instance with AMD SEV-SNP enabled
<a name="snp-launch-instance"></a>

You can't enable AMD SEV-SNP using the Amazon EC2 console.

------
#### [ AWS CLI ]

**To launch an instance with AMD SEV-SNP enabled**  
Use the [run-instances](https://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html) command with the `--cpu-options` option. For additional requirements, see [AMD SEV-SNP requirements](sev-snp.md#snp-requirements).

```
--cpu-options AmdSevSnp=enabled
```

------
#### [ PowerShell ]

**To launch an instance with AMD SEV-SNP enabled**  
Use the [New-EC2Instance](https://docs.aws.amazon.com/powershell/latest/reference/items/New-EC2Instance.html) cmdlet with the `-CpuOption` parameter.

```
-CpuOption @{AmdSevSnp="enabled"}
```

------

## Check if an EC2 instance is enabled for AMD SEV-SNP
<a name="snp-work-check"></a>

You can find instances that are enabled for AMD SEV-SNP. The Amazon EC2 console does not display this information.

------
#### [ AWS CLI ]

**To check whether AMD SEV-SNP is enabled for an instance**  
Use the [describe-instances](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html) command.

```
aws ec2 describe-instances \
    --instance-ids i-1234567890abcdef0 \
    --query 'Reservations[].Instances[].CpuOptions'
```

The following is example output. If `AmdSevSnp` is not present in `CpuOptions`, then AMD SEV-SNP is disabled.

```
[
    {
        "AmdSevSnp": "enabled",
        "CoreCount": 1,
        "ThreadsPerCore": 2
    }
]
```

------
#### [ PowerShell ]

**To check whether AMD SEV-SNP is enabled for an instance**  
Use the [Get-EC2Instance](https://docs.aws.amazon.com/powershell/latest/reference/items/Get-EC2Instance.html) cmdlet.

```
(Get-EC2Instance `
    -InstanceId i-1234567890abcdef0).Instances.CpuOptions
```

The following is example output. If the value of `AmdSevSnp` is not present, then AMD SEV-SNP is disabled.

```
AmdSevSnp CoreCount ThreadsPerCore
--------- --------- --------------
enabled   1         2
```

------
#### [ AWS CloudTrail ]

In the AWS CloudTrail event for the instance launch request, the following property indicates that AMD SEV-SNP is enabled for the instance.

```
"cpuOptions": {"AmdSevSnp": "enabled"}
```

------
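The checks above are manual, one instance at a time. Because AMD SEV-SNP can't be enabled after launch, a fleet audit that flags instances launched without it is a natural scheduled job. The following Go program is an added example (not code from the AWS documentation) that reads the JSON that `aws ec2 describe-instances --output json` produces, treats an absent `AmdSevSnp` key as disabled exactly as stated above, and also inspects a CloudTrail `RunInstances` event for the `"cpuOptions": {"AmdSevSnp": "enabled"}` property. The sample API output and the sample event are constructed inline and trimmed to the fields the code reads; the instance IDs are placeholders.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
)

// The parts of `aws ec2 describe-instances` JSON output that the audit reads.
type describeInstancesOutput struct {
	Reservations []struct {
		Instances []struct {
			InstanceId   string
			InstanceType string
			CpuOptions   struct {
				AmdSevSnp *string // nil when the key is absent from CpuOptions
			}
		}
	}
}

// SevSnpStatus maps each instance ID to whether AMD SEV-SNP is enabled. A
// missing AmdSevSnp key means disabled, as does any value other than "enabled".
func SevSnpStatus(describeOutput []byte) (map[string]bool, error) {
	var out describeInstancesOutput
	if err := json.Unmarshal(describeOutput, &out); err != nil {
		return nil, fmt.Errorf("parsing describe-instances output: %w", err)
	}
	status := make(map[string]bool)
	for _, res := range out.Reservations {
		for _, inst := range res.Instances {
			v := inst.CpuOptions.AmdSevSnp
			status[inst.InstanceId] = v != nil && *v == "enabled"
		}
	}
	return status, nil
}

// WithoutSevSnp returns the sorted IDs of instances that are not enabled, so a
// scheduled job can alert on them (SEV-SNP cannot be turned on after launch).
func WithoutSevSnp(status map[string]bool) []string {
	var ids []string
	for id, enabled := range status {
		if !enabled {
			ids = append(ids, id)
		}
	}
	sort.Strings(ids)
	return ids
}

// LaunchRequestedSevSnp inspects a CloudTrail RunInstances event and reports
// whether the launch request asked for AMD SEV-SNP, i.e. whether the
// "cpuOptions": {"AmdSevSnp": "enabled"} property is present.
func LaunchRequestedSevSnp(event []byte) (bool, error) {
	var ev struct {
		EventName         string `json:"eventName"`
		RequestParameters struct {
			CpuOptions struct {
				AmdSevSnp string `json:"AmdSevSnp"`
			} `json:"cpuOptions"`
		} `json:"requestParameters"`
	}
	if err := json.Unmarshal(event, &ev); err != nil {
		return false, err
	}
	if ev.EventName != "RunInstances" {
		return false, fmt.Errorf("not a RunInstances event: %q", ev.EventName)
	}
	return ev.RequestParameters.CpuOptions.AmdSevSnp == "enabled", nil
}

// Sample API output constructed for this example; the instance IDs are placeholders.
const sampleDescribe = `{"Reservations": [
  {"Instances": [
    {"InstanceId": "i-0aaaaaaaaaaaaaaa1", "InstanceType": "m6a.large",
     "CpuOptions": {"AmdSevSnp": "enabled", "CoreCount": 1, "ThreadsPerCore": 2}},
    {"InstanceId": "i-0bbbbbbbbbbbbbbb2", "InstanceType": "m6a.large",
     "CpuOptions": {"CoreCount": 1, "ThreadsPerCore": 2}}]},
  {"Instances": [
    {"InstanceId": "i-0ccccccccccccccc3", "InstanceType": "c6a.xlarge",
     "CpuOptions": {"AmdSevSnp": "disabled", "CoreCount": 2, "ThreadsPerCore": 2}}]}]}`

// Sample CloudTrail event constructed for this example, trimmed to the fields used.
const sampleEvent = `{"eventName": "RunInstances",
 "requestParameters": {"instanceType": "m6a.large", "cpuOptions": {"AmdSevSnp": "enabled"}}}`

func main() {
	status, err := SevSnpStatus([]byte(sampleDescribe))
	if err != nil {
		panic(err)
	}
	fmt.Println("instances without AMD SEV-SNP:", WithoutSevSnp(status))
	ok, _ := LaunchRequestedSevSnp([]byte(sampleEvent))
	fmt.Println("launch request asked for AMD SEV-SNP:", ok)
}
```

To run it against a real account, replace `sampleDescribe` with the bytes of `aws ec2 describe-instances --output json` (optionally restricted with `--filters` to the m6a, c6a and r6a types listed earlier) and feed `LaunchRequestedSevSnp` the raw CloudTrail event records; the absent-key handling is the part that is easy to get wrong when the check is written as a simple string match.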

# Attest an Amazon EC2 instance with AMD SEV-SNP
<a name="snp-attestation"></a>

Attestation is a process that allows your instance to prove its state and identity. After you enable AMD SEV-SNP for your instance, you can request an AMD SEV-SNP attestation report from the underlying processor. The AMD SEV-SNP attestation report contains a cryptographic hash, called the launch measurement, of the initial guest memory contents and initial vCPU state. The attestation report is signed with a VLEK signature that chains back to an AMD root of trust. You can use the launch measurement included in the attestation report to validate that the instance is running in a genuine AMD environment and to validate the initial boot code that was used to launch the instance.

**Prerequisite**  
Launch an instance that is enabled for AMD SEV-SNP. For more information, see [Enable AMD SEV-SNP for an EC2 instance](snp-work-launch.md).

**Topics**
+ [Step 1: Get the attestation report](#snp-att-get-report)
+ [Step 2: Validate the attestation report signature](#snp-att-validate-signature)

## Step 1: Get the attestation report
<a name="snp-att-get-report"></a>

In this step, you install and build the `snpguest` utility, and then use it to request the AMD SEV-SNP attestation report and certificates.

1. Connect to your instance.

1. Run the following commands to build the `snpguest` utility from the [snpguest GitHub repository](https://github.com/virtee/snpguest).

   ```
   $ git clone https://github.com/virtee/snpguest.git
   $ cd snpguest
   $ cargo build -r
   $ cd target/release
   ```

1. Generate a request for the attestation report. The utility requests the attestation report from the host, and writes it to a binary file with the provided request data.

   The following example creates a random request string and uses it as the request file (`request-file.txt`). When the command returns the attestation report, it is stored in the file path that you specify (`report.bin`). In this case, the utility stores the report in the current directory.

   ```
   $ ./snpguest report report.bin request-file.txt --random
   ```

1. Request the certificates from host memory, and store them as PEM files. The following example stores the files in the same directory as the `snpguest` utility. If certificates already exist in the specified directory, those certificates are overwritten.

   ```
   $ ./snpguest certificates PEM ./
   ```

## Step 2: Validate the attestation report signature
<a name="snp-att-validate-signature"></a>

The attestation report is signed with a certificate, called the Versioned Loaded Endorsement Key (VLEK), which is issued by AMD for AWS. In this step, you validate that the VLEK certificate is issued by AMD, and that the attestation report is signed by that VLEK certificate.

1. Download the VLEK root of trust certificates from the official AMD website to the current directory.

   ```
   $ sudo curl --proto '=https' --tlsv1.2 -sSf https://kdsintf.amd.com/vlek/v1/Milan/cert_chain -o ./cert_chain.pem
   ```

1. Use `openssl` to validate that the VLEK certificate is signed by the AMD root of trust certificates.

   ```
   $ sudo openssl verify --CAfile ./cert_chain.pem vlek.pem
   ```

   The following is example output.

   ```
   vlek.pem: OK
   ```

1. Use the `snpguest` utility to validate that the attestation report is signed by the VLEK certificate.

   ```
   $ ./snpguest verify attestation ./ report.bin
   ```

   The following is example output.

   ```
   Reported TCB Boot Loader from certificate matches the attestation report.
   Reported TCB TEE from certificate matches the attestation report.
   Reported TCB SNP from certificate matches the attestation report.
   Reported TCB Microcode from certificate matches the attestation report.
   VEK signed the Attestation Report!
   ```
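The `snpguest verify attestation` step above treats `report.bin` as an opaque blob. To show what that verification actually covers, the following Go program is an added example (not code from the AWS documentation or from the snpguest project) that parses the report using the ATTESTATION_REPORT layout from the AMD SEV-SNP ABI specification, decodes the reported TCB into the Boot Loader, TEE, SNP and Microcode parts that snpguest prints, and checks the ECDSA P-384/SHA-384 signature over the first 0x2A0 bytes. Because a real report can only be produced by the AMD firmware, the block fabricates one with a locally generated key standing in for the VLEK; the field offsets, the signature-algorithm identifier and the little-endian encoding of `r` and `s` are taken from the ABI specification as I know it and should be treated as assumptions to confirm against the spec version matching your firmware. Names such as `ParseReport` and `BuildSignedReport` are this example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha512"
	"encoding/binary"
	"fmt"
	"math/big"
)

// Offsets in the ATTESTATION_REPORT structure of the AMD SEV-SNP ABI spec
// (assumed here; confirm against your spec version). report.bin uses this layout.
const (
	reportSize = 0x4A0 // 1184 bytes in total
	signedLen  = 0x2A0 // the signature covers bytes [0, 0x2A0)
	offSigAlgo = 0x034 // SIGNATURE_ALGO: 1 = ECDSA P-384 with SHA-384
	offRptData = 0x050 // 64-byte REPORT_DATA: the nonce from request-file.txt
	offMeasure = 0x090 // 48-byte launch MEASUREMENT
	offRptTCB  = 0x180 // REPORTED_TCB, which snpguest compares with the VLEK cert
	offSig     = 0x2A0 // SIGNATURE: r then s, each 72 bytes little-endian
	sigCompLen = 72
	algoP384   = 1
)

// TCBVersion unpacks the TCB_VERSION bitfield whose parts snpguest prints as
// Boot Loader (bits 7:0), TEE (15:8), SNP (55:48) and Microcode (63:56).
type TCBVersion struct{ BootLoader, TEE, SNP, Microcode uint8 }

func DecodeTCB(v uint64) TCBVersion {
	return TCBVersion{uint8(v), uint8(v >> 8), uint8(v >> 48), uint8(v >> 56)}
}

type Report struct {
	SigAlgo     uint32
	ReportedTCB TCBVersion
	ReportData  [64]byte
	Measurement [48]byte
	sigR, sigS  *big.Int
	signed      []byte // the bytes the signature was computed over
}

// reverse converts between the report's little-endian integers and big.Int's big-endian bytes.
func reverse(in []byte) []byte {
	out := make([]byte, len(in))
	for i, v := range in {
		out[len(in)-1-i] = v
	}
	return out
}

// ParseReport decodes the fields a verifier needs from the raw binary report.
func ParseReport(b []byte) (*Report, error) {
	if len(b) != reportSize {
		return nil, fmt.Errorf("report is %d bytes, want %d", len(b), reportSize)
	}
	r := &Report{
		SigAlgo:     binary.LittleEndian.Uint32(b[offSigAlgo:]),
		ReportedTCB: DecodeTCB(binary.LittleEndian.Uint64(b[offRptTCB:])),
		sigR:        new(big.Int).SetBytes(reverse(b[offSig : offSig+sigCompLen])),
		sigS:        new(big.Int).SetBytes(reverse(b[offSig+sigCompLen : offSig+2*sigCompLen])),
		signed:      b[:signedLen],
	}
	copy(r.ReportData[:], b[offRptData:])
	copy(r.Measurement[:], b[offMeasure:])
	return r, nil
}

// Verify checks the report signature with the VLEK public key (taken from vlek.pem).
func (r *Report) Verify(vlek *ecdsa.PublicKey) bool {
	if r.SigAlgo != algoP384 || vlek.Curve != elliptic.P384() {
		return false
	}
	digest := sha512.Sum384(r.signed)
	return ecdsa.Verify(vlek, digest[:], r.sigR, r.sigS)
}

// BuildSignedReport fabricates a report for offline testing; key stands in for the
// VLEK that only the AMD firmware holds, and tcb is the raw TCB_VERSION word.
func BuildSignedReport(nonce [64]byte, meas [48]byte, tcb uint64, key *ecdsa.PrivateKey) ([]byte, error) {
	b := make([]byte, reportSize)
	binary.LittleEndian.PutUint32(b[offSigAlgo:], algoP384)
	binary.LittleEndian.PutUint64(b[offRptTCB:], tcb)
	copy(b[offRptData:], nonce[:])
	copy(b[offMeasure:], meas[:])
	digest := sha512.Sum384(b[:signedLen])
	rr, ss, err := ecdsa.Sign(rand.Reader, key, digest[:])
	if err != nil {
		return nil, err
	}
	copy(b[offSig:], reverse(rr.FillBytes(make([]byte, sigCompLen))))
	copy(b[offSig+sigCompLen:], reverse(ss.FillBytes(make([]byte, sigCompLen))))
	return b, nil
}

func main() {
	key, _ := ecdsa.GenerateKey(elliptic.P384(), rand.Reader) // constructed stand-in for the VLEK
	raw, _ := BuildSignedReport([64]byte{1, 2, 3}, [48]byte{0xAB}, 0xD3_08_0000_0000_0003, key)
	rpt, _ := ParseReport(raw)
	fmt.Printf("reported TCB %+v, signature OK: %v\n", rpt.ReportedTCB, rpt.Verify(&key.PublicKey))
	raw[offMeasure] ^= 1 // a tampered launch measurement must break the signature
	rpt, _ = ParseReport(raw)
	fmt.Println("signature OK after tampering:", rpt.Verify(&key.PublicKey))
}
```

For a real `report.bin`, obtain the public key by running `pem.Decode` on the contents of `vlek.pem`, passing the block bytes to `x509.ParseCertificate`, and asserting `cert.PublicKey` to `*ecdsa.PublicKey`; the certificate itself is trusted only after the `openssl verify` step against AMD's chain. A valid signature is necessary but not sufficient: a relying party must also confirm that `ReportData` equals the nonce it supplied in `request-file.txt` (freshness) and that `Measurement` matches the value expected for the OVMF binary and AMI in use, and it should compare `ReportedTCB` with the TCB values carried in the VLEK certificate as `snpguest` does in its output above.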