AWS Launches EC2 Instance Attestation to Cryptographically Verify Virtual Machine Security Across All Regions

Oct 19, 2025
InfoQ

Summary

AWS rolls out EC2 Instance Attestation across all regions, enabling organizations to cryptographically verify their virtual machines run only approved software configurations through Nitro TPM technology at no extra cost.

Key Points

  • AWS launches EC2 instance attestation, a new security feature that enables customers to cryptographically verify their virtual machines are running approved software configurations using Nitro Trusted Platform Module and Attestable AMIs
  • The capability lets organizations ensure EC2 instances run trusted configurations without operator access; AWS KMS decrypts keys and secrets only for instances running approved AMIs
  • EC2 Instance Attestation is now available in all AWS regions at no additional cost for the feature itself, competing with similar attestation capabilities offered by Google Cloud and Azure
