diff --git a/docs/node/run-your-node/prerequisites/cloud-providers.md b/docs/node/run-your-node/prerequisites/cloud-providers.md new file mode 100644 index 0000000000..363ab6428b --- /dev/null +++ b/docs/node/run-your-node/prerequisites/cloud-providers.md @@ -0,0 +1,70 @@ +# Cloud Providers + +If you are aware of more cloud or dedicated server providers that activey support Intel SGX or Intel TDX, or have updated information about the providers listed on this page, please [create an issue on Github](https://github.com/oasisprotocol/docs/issues/new) with the additional details. + +Before committing to a service be sure to verify the processor compatibility and enquire with the provider about the status of Intel SGX support. Intel maintains a comprehensive list of processors that support Intel SGX: + + * https://www.intel.com/content/www/us/en/architecture-and-technology/software-guard-extensions-processors.html + + +## Possible Limitations + +While many bare-metal or dedicated server providers use Intel processors that support SGX, there are potential limitations: + + 1. **BIOS Configuration:** Some providers may not allow customers to access or modify BIOS settings, which is necessary to enable SGX. + 2. **Outdated Firmware:** SGX requires up-to-date firmware. Some providers may not maintain their systems with the latest firmware updates, preventing SGX from functioning correctly. + 3. **Lack of SGX-specific Offerings:** Many providers may not advertise or specifically offer SGX-enabled servers, making it difficult for customers to know if the feature is available. + 4. **Limited Support:** Even if SGX is available, the provider's support team may not be familiar with SGX-specific issues or configurations. + 5. **Hardware Provisioning:** If you use keys (such as SGX sealing keys) that are bound to hardware to encrypt the data of an instance within an Intel SGX enclave, the encrypted data cannot be decrypted after the host of the instance is changed. + +## Known Providers + +### [OVH](https://www.ovhcloud.com/) + +* Last Updated: 2024-09-25 + +OVH hsa explicit support for Intel SGX on their bare-metal servers, https://www.ovhcloud.com/en/bare-metal/prices/?use_cases=confidential-computing + +### [Azure](https://azure.microsoft.com/) + +* Last Updated: 2024-09-25 + +Microsoft Azure has explicit support for Intel SGX in several of their 'Dedicated Host' SKUs. For further information refer to their page regarding [Solutions on Azure for Intel SGX](https://learn.microsoft.com/en-us/azure/confidential-computing/virtual-machine-solutions-sgx) + +### [Gcore](https://gcore.com) + +* Last Updated: 2024-09-25 + +The Gcore Cloud VM has explicit support for Intel SGX in several locations. For further information refer to their page regarding [Computing with Intel SGX](https://gcore.com/cloud/intel-sgx). + +### [PhoenixNAP](https://phoenixnap.com/) + +* Last Updated: 2024-09-25 + +PhoenixNAP explicitly supports Intel SGX via their [Bare Metal Cloud](https://phoenixnap.com/bare-metal-cloud) service offering. Refer to their documentation regarding [What is Intel SGX and What are the Benefits?](https://phoenixnap.com/kb/intel-sgx) for further informatoin + +### [Alibaba Cloud](https://www.alibabacloud.com) + +* Last Updated: 2024-09-25 + +The [Alibaba Cloud Elastic Compute Service (ECS) Bare Metal Instances](https://www.alibabacloud.com/en/product/ebm) have explicit support for Intel SGX and Intel TDX. + +For further information, refer to the documentation regarding [Build an SGX confidential computing environment](https://www.alibabacloud.com/help/en/ecs/user-guide/build-an-sgx-encrypted-computing-environment?spm=a2c63.p38356.0.0.124f219aylUsiz) for additional information including which instance families support SGX. + +### [IBM Cloud](https://cloud.ibm.com/) + +* Last Updated: 2024-09-25 + +IBM's Virtual Private Cloud (VPC) explicitly supports Intel SGX, for more information see their documentation regarding [Confidential computing with Intel Software Guard Extensions (SGX) for Virtual Servers for VPC](https://cloud.ibm.com/docs/vpc?topic=vpc-about-sgx-vpc). + +From: https://www.ibm.com/cloud/intel + +> Protect your data not only at rest and in transit, but also in use, and prioritize your cloud compute performance with 4th Gen Intel® Xeon® processing power that secures as much as it scales. IBM Cloud Virtual Servers for VPC now deliver Intel® SGX® confidential computing application security that isolates and protects selected code and data from modification through hardened enclaves and trusted execution modules. Innovate with confidence across the fastest-growing workloads in AI, analytics, multi-party compute, and digital assets. + +### [Vultr](https://www.vultr.com/) + +* Last Updated: 2024-09-25 + +Vultr may support Intel SGX on their [Vultr Bare Metal](https://www.vultr.com/products/bare-metal/) products. + +A user called Paulius reported in 2020 that [Intel SGX development on Vultr](https://zenlot.medium.com/intel-sgx-development-on-vultr-30cdfd5c9754) is possible and provided a guide to configure the bios