Skip to content

Comments

docs: Launch AWS instance with SEV-SNP enabled#8

Open
donaldh wants to merge 1 commit intoredhat-et:mainfrom
donaldh:sev-snp
Open

docs: Launch AWS instance with SEV-SNP enabled#8
donaldh wants to merge 1 commit intoredhat-et:mainfrom
donaldh:sev-snp

Conversation

@donaldh
Copy link

@donaldh donaldh commented Feb 9, 2026

No description provided.

lmzuccarelli
lmzuccarelli reviewed Feb 10, 2026
View reviewed changes
Copy link
Collaborator

@lmzuccarelli lmzuccarelli left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One question about AMI compatibility, the AMI envar is it backed by an OS that supports EUFI boot ? and does it have the AMD SEV_SNP kernel drivers ?

hack/amd/README.md
--user-data file://ec2/sev-vm.txt \
--block-device-mappings file://ec2/disk-mappings.json \
--security-group-ids sg-09b8214c642687e97 \
--cpu-options AmdSevSnp=enabled \
Copy link
Collaborator

@lmzuccarelli lmzuccarelli Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@donaldh I suppose this is where all the magic happens ;) for a confidential instance

Copy link
Author

@donaldh donaldh Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep.

hack/amd/README.md
--instance-type c6a.2xlarge \
--key-name donaldh-et-security \
--associate-public-ip-address \
--user-data file://ec2/sev-vm.txt \
Copy link
Collaborator

@lmzuccarelli lmzuccarelli Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This file path looks like its relative - should it not be absolute ?

Copy link
Author

@donaldh donaldh Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Relative paths work fine for me with the AWS CLI.

@donaldh
Copy link
Author

donaldh commented Feb 11, 2026

One question about AMI compatibility, the AMI envar is it backed by an OS that supports EUFI boot ? and does it have the AMD SEV_SNP kernel drivers ?

That AMI is Fedora 42 which has the sev_guest kernel module.

@lmzuccarelli
Copy link
Collaborator

lmzuccarelli commented Feb 12, 2026
edited
Loading

@donaldh - thanks for PR.

From my side it LGTM - I'll wait for @maryamtahhan @PoolPooer to chime in

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lmzuccarelli lmzuccarelli lmzuccarelli left review comments

@PoolPooer PoolPooer Awaiting requested review from PoolPooer

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@donaldh @lmzuccarelli