Conclusion

The AWS Nitro System offers a unique set of capabilities that allow it to support the most sensitive workloads in a multi-tenanted, hyper-scale cloud environment. These capabilities are based on the AWS investment in custom silicon and associated firmware in order to create a virtualization stack tuned specifically for this custom silicon. Since the beginning of 2018, all new Amazon EC2 instance types are based on the AWS Nitro System, providing customers with all the security and other benefits discussed in this paper. In light of these deep technology investments and the excellent AWS track record of workload isolation, customers can rely on AWS compute environments to provide excellent security for their most sensitive workloads.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Nitro System security in context

Contributors