Create a trusted isolation space within an ECS instance with Enclave to protect your applications and data in use.
Background
Data is classified into data at rest, data in transit, and data in use.
-
Encryption protects data at rest and data in transit.
-
Protecting data in use requires confidential computing.
Enclave creates a trusted isolation space within an ECS instance and runs legitimate software in the enclave to protect the confidentiality and integrity of your code and data against malware. It suits industries that require strong data protection, such as finance, Internet, and healthcare.
How Enclave works
Compute resources (vCPUs and memory) within an ECS instance (the primary VM) are split to create an Enclave VM (EVM) as a trusted execution environment. The EVM is secured by:
-
Virtualization-based isolation: the EVM is isolated from the primary VM and other ECS instances.
-
Minimal attack surface: the EVM runs an independent, trusted OS with no persistent storage, interactive connections, or external networking. It communicates with the primary VM only through a vsock-based local secure channel.
The following figure shows how Enclave works.
Enclave provides multi-layer security. The third-generation SHENLONG architecture, with TPM or TCM chips, equips the EVM with vTPM or vTCM devices for enhanced trust. SDKs let you build and manage Enclave environments. For attestation, confidential applications generate attestation materials — including platform data, application information, and signatures — at runtime and verify them through a remote attestation server, which may work with Key Management Service (KMS). Once the primary VM allocates resources to the EVM, the underlying layer isolates them so the primary VM cannot access EVM vCPU or memory resources.
The following figure shows the Enclave architecture.
Limitations
-
Only instance types with four or more vCPUs in the hfg9i, hfc9i, hfr9i, g8i, c8i, and r8i instance families support Enclave.
-
Each ECS instance supports only one enclave.
-
Reserve at least one physical processor core and some memory for the primary VM before using an enclave. The remaining resources can be allocated to the enclave. If hyper-threading is enabled, two hyperthreads from the same core are reserved, so the instance must have at least four vCPUs.
For other limits, see Limits.
Create an Enclave-enabled instance
Creating an Enclave-enabled instance is similar to creating a regular instance. This section covers only the Enclave-specific parameters. For other parameters, see Create an instance with Custom Launch.
-
Go to ECS console - Instance.
In the upper-left corner of the page, select a region and resource group.
-
Click Create Instance and configure the following parameters.
Parameter
Description
Instance Type
Select an instance type with ≥ 4 vCPUs in the hfg9i, hfc9i, hfr9i, g8i, c8i, or r8i instance family.
Image
Select Enclave, then select the Alibaba Cloud Linux 2.1903 LTS 64-bit (UEFI) image.
NoteSelecting Enclave automatically installs a trusted OS.

Instance RAM Role
Select AliyunECSInstanceForYundunSysTrustRole, a service-linked role provided by Alibaba Cloud.
Install the Enclave CLI
-
Use Workbench to connect to the Enclave-enabled instance over SSH.
-
Install the Enclave CLI RPM package.
-
Download the Enclave CLI RPM package.
wget https://enclave-cn-beijing.oss-cn-beijing.aliyuncs.com/download/linux/enclave-cli/x86_64/2.1903/enclave-cli-1.0.8-1.x86_64.rpm -
Install the Enclave CLI.
sudo rpm -ivh enclave-cli-1.0.8-1.x86_64.rpm -
Verify the installation.
enclave-cli --versionIf a version number is returned, the installation succeeded.

-
-
Add the current user to the
deanddockergroups.-
Add the current user to the
degroup:sudo usermod -aG de <username>NoteReplace
<username>with the actual username, for example,test. -
Add the current user to the
dockergroup.sudo usermod -aG docker <username>NoteReplace
<username>with the actual username, for example,test. -
Reconnect to the instance to apply the changes.
-
-
Pre-allocate vCPUs and memory for the enclave.
-
Open
allocator.yaml.sudo vim /etc/ali-enclaves/allocator.yaml -
Press the
ikey to enter Insert mode. -
Set the following parameters:
-
memory_mib: memory allocated to the enclave. Unit: MiB.
-
cpu_count: vCPUs allocated to the enclave.
The following example allocates 1,024 MiB of memory and 2 vCPUs to the enclave.
# Enclave configuration file. # # How much memory to allocate for enclaves (in MiB). memory_mib: 1024 # # How many CPUs to reserve for enclaves. cpu_count: 2 -
-
Press the
Esckey, enter:wq, and then press theEnterkey to save and close the file.
-
-
Start the resource allocation service and enable it on boot.
sudo systemctl start ali-enclaves-allocator.service && \ sudo systemctl enable ali-enclaves-allocator.serviceThe service creates a dedicated vCPU pool for the enclave. This pool is exclusive to the enclave and unavailable to the host instance.
NoteTo change the allocated resources, modify
allocator.yamland restart the service:sudo systemctl restart ali-enclaves-allocator.service -
Check the service status.
systemctl status ali-enclaves-allocator.serviceThe following output indicates the service is running.

-
Start Docker and enable it on boot.
sudo systemctl start docker && sudo systemctl enable dockerNoteTo uninstall the Enclave CLI, run
sudo yum remove enclave-cli. -
Restart the instance to apply the changes.
References
For Enclave CLI usage, see Quick start.