Get Attestation
Workloads that request attestation evidence
In addition to running pods inside of enclaves, Confidential Containers provides several other features that can be used to protect workloads and data. Securing complex workloads often requires using some of these features.
Most features depend on and require attestation, which is described in the next section.
Workloads that request attestation evidence
Workloads that request resources from Trustee
Procedures to generate and deploy signed OCI images with CoCo
Procedures to encrypt and consume OCI images in a TEE
Use private OCI registries
Generate and deploy protected Kubernetes secrets
Use Init-Data to inject dynamic configurations for Pods
Pull containers from self-hosted registries
Pull containers from self-hosted registries
Add protected volumes to a pod