Does Azure attestation provider, provides attest url with sub paths like /sgx?

Rajasekhar Sirasapalli 20 Reputation points
2024-11-25T09:54:23.9366667+00:00

I have created Azure Attestation provide, it gave an url till azure.net, i would like to know more about the sub paths, so i can configure for attestation url in azure vm

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
8,133 questions
0 comments No comments
{count} votes

Accepted answer
  1. Prrudram-MSFT 26,686 Reputation points
    2024-11-26T05:14:20.16+00:00

    Hello @Rajasekhar Sirasapalli

    To configure the attestation URL for your Azure VM using Azure Attestation, you'll typically use the Attest URI provided when you created the attestation provider. This URI usually follows the format:

    https://<your-attestation-provider-name>.<region>.attest.azure.net
    

    Common Sub Paths

    Here are some common sub-paths you might encounter or need to use:

    /attest: This is the main endpoint for attestation requests. You would send your attestation evidence here.

    /policy: This path is used to manage and retrieve attestation policies associated with your provider.

    /metadata: This endpoint provides metadata about the attestation provider, including supported attestation types and other configurations.

    /signing: This path is used to retrieve the signing certificates for validating the attestation tokens.

    Example Configuration

    When configuring your Azure VM, you would typically set the attestation URL in your application or service that requires attestation. For example, if your attestation provider's name is myattestationprovider and it's located in the westus region, your attestation URL would look like:

    https://myattestationprovider.westus.attest.azure.net/attest
    

    Additional Considerations

    • Ensure that your VM is configured to send the necessary evidence (like TPM or SGX measurements) to the attestation service.
    • You may need to manage policies to define what constitutes a valid attestation.

    Sources: https://learn.microsoft.com/en-us/azure/attestation/overview
    If I have answered your question, please accept this as answer as a token of appreciation and don't forget to thumbs up for "Was it helpful"!


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.