Confidential Containers is an open source community working to leverage Trusted Execution Environments to protect containers and data and to deliver cloud native confidential computing.
Release v0.1.0 is Live! See Release Notes or Quickstart Guide
Our key considerations are:
- Allow cloud native application owners to enforce application security requirements
- Transparent deployment of unmodified containers
- Support for multiple TEE and hardware platforms
- A trust model which separates Cloud Service Providers (CSPs) from guest applications
- Least privilege principles for the Kubernetes cluster administration capabilities which impact delivering Confidential Computing for guest applications or data inside the TEE
- Kubernetes Operator for Confidential Computing : An operator to deploy confidential containers runtime (and required configs) on a Kubernetes cluster
