Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,7 @@ Confidential computing is the protection of data-in-use through isolating comput

| Addition | Description |
|---|---|
| **[Visual Attestation Demo v2 (ACI)](/aci-samples/visual-attestation-demo-v2/README.md)** 🆕 | Simplified ACI port of the AKS visual attestation sample. Flask app calls Microsoft Azure Attestation **directly** via the upstream `get-snp-report` tool — **no SKR sidecar**, single container. Side-by-side Confidential vs Standard SKU deployment demonstrates falsifiability: the same image fails deterministically on Standard (no `/dev/sev-guest`), proving the success case really came from AMD silicon. |
| **[Federated Multi-Party Demo](/multi-party-samples/advanced-app-federated/README.md)** ⭐ | New 4-party (Contoso, Fabrikam, Wingtip Toys, Woodgrove Bank) **federated** analytics demo. Each partner decrypts its own data inside its own AMD SEV-SNP TEE and returns only aggregates — no raw PII ever crosses the trust boundary. Includes a 3-minute [`DEMO-SCRIPT.md`](/multi-party-samples/advanced-app-federated/DEMO-SCRIPT.md). |
| **[CVM samples now support Intel TDX](/vm-samples/README.md)** | [`BuildRandomCVM.ps1`](/vm-samples/BuildRandomCVM.ps1) auto-detects AMD SEV-SNP (`DCa*`/`ECa*`) vs Intel TDX (`DCe*`/`ECe*`, e.g. `Standard_DC2es_v6`) from the chosen VM SKU and runs the matching attestation config. See the [Intel TDX examples](/vm-samples/README.md#intel-tdx-examples) in the VM samples README. |
| **Updated in-VM attestation tooling** | The CVM build script now runs the latest pre-built `attest` binary from [Azure/cvm-attestation-tools](https://github.com/Azure/cvm-attestation-tools/releases/latest) inside the VM (Linux + Windows), then **decodes the returned MAA JWT** (header, payload and key claims like `x-ms-attestation-type` and `x-ms-compliance-status`) using `jq` on Linux and built-in `ConvertFrom-Json` on Windows. The legacy [`WindowsAttest.ps1`](/vm-samples/WindowsAttest.ps1) is kept for reference but is **no longer recommended**. |
Expand Down Expand Up @@ -92,7 +93,8 @@ This repository is organized by Azure service type and deployment method:
### [ACI Samples](/aci-samples/README.md)
Azure Container Instances with AMD SEV-SNP confidential computing:
- **BuildRandomACI.ps1** - Create confidential ACI with hello-world container
- **Visual Attestation Demo** - Interactive web demo with remote attestation via Microsoft Azure Attestation (MAA)
- **Visual Attestation Demo** - Interactive web demo with remote attestation via Microsoft Azure Attestation (MAA) using the SKR sidecar
- **[Visual Attestation Demo v2](/aci-samples/visual-attestation-demo-v2/README.md)** 🆕 - Simplified single-container port that calls MAA **directly** (no SKR sidecar) via the upstream `get-snp-report` tool; `-Compare` mode deploys Confidential + Standard SKUs side-by-side to demonstrate falsifiability
- **[App + PostgreSQL Finance Demo](/aci-samples/app-and-postgreSQL-demo/README.md)** 🆕 - Confidential ACI with DCa/ECa AMD PostgreSQL, 5,000 financial transactions, Application Gateway, and 9 documented threat scenarios
- Side-by-side comparison mode (Confidential vs Standard SKU)
- Real-time encryption with SKR-released keys
Expand Down
36 changes: 34 additions & 2 deletions aci-samples/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Azure Container Instances (ACI) Confidential Computing Samples

**Last Updated:** May 2026
**Last Updated:** June 2026

## Overview

Expand Down Expand Up @@ -45,7 +45,8 @@ Scripts and samples for creating Confidential Azure Container Instances (ACIs) u
| Sample | Description |
|--------|-------------|
| `BuildRandomACI.ps1` | PowerShell script to create a confidential ACI with a hello-world container |
| [Visual Attestation Demo](visual-attestation-demo/README.md) | Interactive web application demonstrating remote attestation via Microsoft Azure Attestation (MAA) |
| [Visual Attestation Demo](visual-attestation-demo/README.md) | Interactive web application demonstrating remote attestation via Microsoft Azure Attestation (MAA) using the SKR sidecar |
| [Visual Attestation Demo v2](visual-attestation-demo-v2/README.md) 🆕 | Simplified ACI port that calls MAA **directly** from the Flask app via the upstream `get-snp-report` tool (no SKR sidecar). Side-by-side Confidential vs Standard SKU deployment to demonstrate falsifiability. |
| [App + PostgreSQL Finance Demo](app-and-postgreSQL-demo/README.md) 🆕 | Confidential ACI with DCa/ECa AMD PostgreSQL, 5,000 financial transactions, Application Gateway, and 9 threat scenarios |

---
Expand Down Expand Up @@ -107,3 +108,34 @@ cd visual-attestation-demo
```

See [visual-attestation-demo/README.md](visual-attestation-demo/README.md) for complete documentation.

---

## Visual Attestation Demo v2 (direct MAA, no SKR sidecar)

A simpler ACI port of the AKS visual attestation sample. The Flask app calls Microsoft Azure Attestation **directly** from inside a single container — no SKR sidecar — by invoking the upstream [`get-snp-report`](https://github.com/microsoft/confidential-sidecar-containers/tree/main/tools/get-snp-report) tool against `/dev/sev-guest`, then POSTing the SNP report plus THIM cert chain and UVM endorsements to `https://<maa>/attest/SevSnpVm`.

### Features
- **No SKR sidecar** — single container, single process tree
- **Direct MAA call** from Python with `get-snp-report` baked into the image (multi-stage build)
- **Side-by-side Confidential vs Standard SKU** via `-Compare` — same image, deterministic Standard-SKU failure (`/dev/sev-guest` absent) proves the success case really came from AMD silicon
- **CCE policy** auto-generated with `az confcom acipolicygen` on Confidential deploys
- Renders the decoded MAA JWT with `x-ms-sevsnpvm-*` claims and the raw hardware evidence

### Quick Start
```powershell
cd visual-attestation-demo-v2

# Build, deploy both SKUs side-by-side, and open both URLs in the browser
.\Deploy-VisualAttestationV2.ps1 -Compare

# Or step-by-step
.\Deploy-VisualAttestationV2.ps1 -Build
.\Deploy-VisualAttestationV2.ps1 -Deploy # Confidential SKU
.\Deploy-VisualAttestationV2.ps1 -Deploy -NoAcc # Standard SKU

# Tear everything down
.\Deploy-VisualAttestationV2.ps1 -Cleanup
```

See [visual-attestation-demo-v2/README.md](visual-attestation-demo-v2/README.md) for the full flow, screenshots of both SKUs, and a feature comparison with the AKS sample.
Loading
Loading