Secure Key Release feature with AKV and Azure Confidential Computing (ACC)
Secure Key Release (SKR) is a functionality of Azure Key Vault (AKV) Managed HSM and Premium offering. Secure key release enables the release of an HSM protected key from AKV to an attested Trusted Execution Environment (TEE), such as a secure enclave, VM based TEEs etc. SKR adds another layer of access protection to your data decryption/encryption keys where you can target an application + TEE runtime environment with known configuration get access to the key material. The SKR policies defined at the time of exportable key creation govern the access to these keys.
SKR can only release keys based on the Microsoft Azure Attestation (MAA) generated claims. There's a tight integration on the SKR policy definition to MAA claims.
The below steps are for AKV Premium.
Follow the details here for Az CLI based AKV creation
Make sure to set the value of [--sku] to "premium".
A Secure Key Release Policy is a json format release policy as defined here that specifies a set of claims required in addition to authorization to release the key. The claims here are MAA based claims as referenced here for SGX and here for AMD SEV-SNP CVM.
Visit the TEE specific examples page for more details. For more information on the SKR policy grammar, see Azure Key Vault secure key release policy grammar.
Before you set an SKR policy make sure to run your TEE application through the remote attestation flow. Remote attestation isn't covered as part of this tutorial.
Example
{
"version": "1.0.0",
"anyOf": [ // Always starts with "anyOf", meaning you can multiple, even varying rules, per authority.
{
"authority": "https://sharedweu.weu.attest.azure.net",
"allOf": [ // can be replaced by "anyOf", though you cannot nest or combine "anyOf" and "allOf" yet.
{
"claim": "x-ms-isolation-tee.x-ms-attestation-type", // These are the MAA claims.
"equals": "sevsnpvm"
},
{
"claim": "x-ms-isolation-tee.x-ms-compliance-status",
"equals": "azure-compliant-cvm"
}
]
}
]
}
Exact details of the type of key and other attributes associated can be found here.
az keyvault key create --exportable true --vault-name "vault name from step 1" --kty RSA-HSM --name "keyname" --policy "jsonpolicyfromstep3 -can be a path to JSON"
This step can be specific to the type of TEE you're running your application Intel SGX Enclaves or AMD SEV-SNP based Confidential Virtual Machines (CVM) or Confidential Containers running in CVM Enclaves with AMD SEV-SNP etc.
Follow these references examples for various TEE types offering with Azure:
- Application within AMD EV-SNP based CVM's performing Secure Key Release
- Confidential containers with Azure Container Instances (ACI) with SKR side-car containers
- Intel SGX based applications performing Secure Key Release - Open Source Solution Mystikos Implementation
No. The policy attached to SKR only understands MAA claims that are associated to hardware based TEEs.
Can I bring my own attestation provider or service and use those claims for AKV to validate and release?
No. AKV only understands and integrates with MAA today.
Yes. Latest SDK integrated with 7.3 AKV API's support key RELEASE.
Yes, detailed examples by TEE type are listed here.
No. Not at this time.
Azure Container Instance with confidential containers Secure Key Release with container side-cars
CVM on AMD SEV-SNP Applications with Secure Key Release Example