Merge pull request #218324 from msmbaldwin/attestation-misc

Attestation misc

Author: prmerger-automator[bot]

articles/attestation/claim-sets.md

@@ -12,15 +12,15 @@ ms.author: mbaldwin
 ---
 # Claim sets
 
-Claims generated in the process of attesting enclaves using Microsoft Azure Attestation can be divided into the below categories:
+Claims generated in the process of attesting enclaves using Microsoft Azure Attestation can be divided into these categories:
 
 - **Incoming claims**: The claims generated by Microsoft Azure Attestation after parsing the attestation evidence and can be used by policy authors to define authorization rules in a custom policy
 
 - **Outgoing claims**: The claims generated by Azure Attestation and included in the attestation token
 
 - **Property claims**: The claims created as an output by Azure Attestation. It contains all the claims that represent properties of the attestation token, such as encoding of the report, validity duration of the report, and so on.
 
-## Incoming claims 
+## Incoming claims
 
 ### SGX attestation
 
@@ -42,7 +42,7 @@ Claims to be used by policy authors to define authorization rules in an SGX atte
 
   When an enclave author prefers to rotate MRSIGNER for security reasons, Azure Attestation policy must be updated to support the new and old MRSIGNER values before the binaries are updated. Otherwise authorization checks will fail resulting in attestation failures.
 
-  Attestation policy must be updated using the below format. 
+  Attestation policy must be updated using the format below.
 
   #### Before key rotation
 
@@ -87,10 +87,10 @@ Claims to be used by policy authors to define authorization rules in an SGX atte
 
   The enclave author assigns a Security Version Number (SVN) to each version of the SGX enclave. When a security issue is discovered in the enclave code, enclave author increments the SVN value post vulnerability fix. To prevent interacting with insecure enclave code, customers can add a validation rule in the attestation policy. If the SVN of the enclave code does not match the version recommended by the  enclave author, attestation will fail.
 
-Below claims are considered deprecated but are fully supported and will continue to be included in the future. It is recommended to use the non-deprecated claim names.
+These claims are considered deprecated but are fully supported and will continue to be included in the future. It is recommended to use the non-deprecated claim names:
 
 Deprecated claim | Recommended claim
---- | --- 
+--- | ---|
 $is-debuggable | x-ms-sgx-is-debuggable
 $product-id | x-ms-sgx-product-id
 $sgx-mrsigner | x-ms-sgx-mrsigner
@@ -114,7 +114,7 @@ Claims to be used by policy authors to define authorization rules in a TPM attes
 
 ### VBS attestation
 
-In addition to the TPM attestation policy claims, below claims can be used by policy authors to define authorization rules in a VBS attestation policy.
+In addition to the TPM attestation policy claims, these claims can be used by policy authors to define authorization rules in a VBS attestation policy:
 
 - **enclaveAuthorId**:  String value containing the Base64Url encoded value of the enclave author id-The author identifier of the primary module for the enclave
 - **enclaveImageId**:  String value containing the Base64Url encoded value of the enclave Image id-The image identifier of the primary module for the enclave
@@ -124,11 +124,11 @@ In addition to the TPM attestation policy claims, below claims can be used by po
 - **enclavePlatformSvn**:  Integer value containing the security version number of the platform that hosts the enclave
 - **enclaveFlags**:  The enclaveFlags claim is an Integer value containing Flags that describe the runtime policy for the enclave
 
-## Outgoing claims 
+## Outgoing claims
 
 ### Common for all attestation types
 
-Azure Attestation includes the below claims in the attestation token for all attestation types. 
+Azure Attestation includes these claims in the attestation token for all attestation types:
 
 - **x-ms-ver**: JWT schema version (expected to be "1.0")
 - **x-ms-attestation-type**: String value representing attestation type 
@@ -145,7 +145,7 @@ Below claim names are used from [IETF JWT specification](https://tools.ietf.org/
 - **"exp" (Expiration Time) Claim** - Expiration time after which the JWT must not be accepted for processing
 - **"nbf" (Not Before) Claim** - Not Before time before which the JWT must not be accepted for processing 
 
-Below claim names are used from [IETF EAT draft specification](https://tools.ietf.org/html/draft-ietf-rats-eat-03#page-9)
+These claim names are used from [IETF EAT draft specification](https://tools.ietf.org/html/draft-ietf-rats-eat-03#page-9):
 
 - **"Nonce claim" (nonce)** - An untransformed direct copy of an optional nonce value provided by a client 
 
@@ -162,7 +162,7 @@ rp_data  | nonce
 
 ### SGX attestation 
 
-Below claims are generated and included in the attestation token by the service for SGX attestation.
+These caims are generated and included in the attestation token by the service for SGX attestation:
 
 - **x-ms-sgx-is-debuggable**: A Boolean, which indicates whether or not the enclave has debugging enabled or not
 - **x-ms-sgx-product-id**: Product ID value of the SGX enclave 
@@ -180,17 +180,17 @@ Below claims are generated and included in the attestation token by the service
     - **tcbinfohash**: SHA256 value of the TCB Info collateral 
 - **x-ms-sgx-report-data**: SGX enclave report data field (usually SHA256 hash of x-ms-sgx-ehd) 
 
-Below claims will appear only in the attestation token generated for Intel® Xeon® Scalable processor-based server platforms. The claims will not appear if the SGX enclave is not configured with [Key Separation and Sharing Support](https://github.com/openenclave/openenclave/issues/3054). The claim definitions can be found [here](https://github.com/openenclave/openenclave/issues/3054)
+These claims will appear only in the attestation token generated for Intel® Xeon® Scalable processor-based server platforms. The claims will not appear if the SGX enclave is not configured with [Key Separation and Sharing Support](https://github.com/openenclave/openenclave/issues/3054). The claim definitions can be found [here](https://github.com/openenclave/openenclave/issues/3054):
 
 - **x-ms-sgx-config-id**
 - **x-ms-sgx-config-svn**
 - **x-ms-sgx-isv-extended-product-id**
 - **x-ms-sgx-isv-family-id**
 
-Below claims are considered deprecated but are fully supported and will continue to be included in the future. It is recommended to use the non-deprecated claim names.
+These claims are considered deprecated, but are fully supported and will continue to be included in the future. It is recommended to use the non-deprecated claim names:
 
 Deprecated claim | Recommended claim
---- | --- 
+--- | ---|
 $is-debuggable | x-ms-sgx-is-debuggable
 $product-id | x-ms-sgx-product-id
 $sgx-mrsigner | x-ms-sgx-mrsigner

articles/attestation/overview.md

@@ -10,7 +10,7 @@ ms.author: mbaldwin
 ms.custom: references_regions
 
 ---
-# Microsoft Azure Attestation 
+# Microsoft Azure Attestation
 
 Microsoft Azure Attestation is a unified solution for remotely verifying the trustworthiness of a platform and integrity of the binaries running inside it. The service supports attestation of the platforms backed by Trusted Platform Modules (TPMs) alongside the ability to attest to the state of Trusted Execution Environments (TEEs) such as [Intel® Software Guard Extensions](https://www.intel.com/content/www/us/en/architecture-and-technology/software-guard-extensions.html) (SGX) enclaves, [Virtualization-based Security](/windows-hardware/design/device-experiences/oem-vbs) (VBS) enclaves, [Trusted Platform Modules (TPMs)](/windows/security/information-protection/tpm/trusted-platform-module-overview),  [Trusted launch for Azure VMs](../virtual-machines/trusted-launch.md) and [Azure confidential VMs](../confidential-computing/confidential-vm-overview.md).
 
@@ -20,6 +20,8 @@ Azure Attestation enables cutting-edge security paradigms such as [Azure Confide
 
 Azure Attestation receives evidence from compute entities, turns them into a set of claims, validates them against configurable policies, and produces cryptographic proofs for claims-based applications (for example, relying parties and auditing authorities).
 
+Azure Attestation supports both platform- and guest-attestation of AMD SEV-SNP based Confidential VMs (CVMs). Azure Attestation-based platform attestation happens automatically during critical boot path of CVMs, with no customer action needed. For more details on guest attestation, see [Announcing general availability of guest attestation for confidential VMs](https://techcommunity.microsoft.com/t5/azure-confidential-computing/announcing-general-availability-of-guest-attestation-for/ba-p/3648228).
+
 ## Use cases
 
 Azure Attestation provides comprehensive attestation services for multiple environments and distinctive use cases.
@@ -40,17 +42,17 @@ Intel® Xeon® Scalable processors only support [ECDSA-based attestation solutio
 
 OE standardizes specific requirements for verification of an enclave evidence. This qualifies OE as a highly fitting attestation consumer of Azure Attestation.
 
-### TPM attestation 
+### TPM attestation
 
 [Trusted Platform Modules (TPM)](/windows/security/information-protection/tpm/trusted-platform-module-overview) based attestation is critical to provide proof of a platform's state. A TPM acts as the root of trust and the security coprocessor to provide cryptographic validity to the measurements (evidence). Devices with a TPM can rely on attestation to prove that boot integrity is not compromised and use the claims to detect feature state enablement during boot. 
 
 Client applications can be designed to take advantage of TPM attestation by delegating security-sensitive tasks to only take place after a platform has been validated to be secure. Such applications can then make use of Azure Attestation to routinely establish trust in the platform and its ability to access sensitive data.
 
-### AMD SEV-SNP attestation 
+### AMD SEV-SNP attestation
 
 Azure [Confidential VM](../confidential-computing/confidential-vm-overview.md) (CVM) is based on [AMD processors with SEV-SNP technology](../confidential-computing/virtual-machine-solutions-amd.md). CVM offers VM OS disk encryption option with platform-managed keys or customer-managed keys and binds the disk encryption keys to the virtual machine's TPM. When a CVM boots up, SNP report containing the guest VM firmware measurements will be sent to Azure Attestation. The service validates the measurements and issues an attestation token that is used to release keys from [Managed-HSM](../key-vault/managed-hsm/overview.md) or [Azure Key Vault](../key-vault/general/basic-concepts.md). These keys are used to decrypt the vTPM state of the guest VM, unlock the OS disk and start the CVM. The attestation and key release process is performed automatically on each CVM boot, and the process ensures the CVM boots up only upon successful attestation of the hardware.
 
-### Trusted Launch attestation 
+### Trusted Launch attestation
 
 Azure customers can [prevent bootkit and rootkit infections](https://www.youtube.com/watch?v=CQqu_rTSi0Q) by enabling [trusted launch](../virtual-machines/trusted-launch.md) for their virtual machines (VMs). When the VM is Secure Boot and vTPM enabled with guest attestation extension installed, vTPM measurements get submitted to Azure Attestation periodically for monitoring boot integrity. An attestation failure indicates potential malware, which is surfaced to customers via Microsoft Defender for Cloud, through Alerts and Recommendations.
 

articles/attestation/quickstart-azure-cli.md

@@ -5,7 +5,7 @@ services: attestation
 author: msmbaldwin
 ms.service: attestation
 ms.topic: quickstart
-ms.date: 11/20/2020
+ms.date: 11/14/2022
 ms.author: mbaldwin
 ms.custom: mode-api, devx-track-azurecli 
 ms.devlang: azurecli

articles/attestation/quickstart-portal.md

@@ -5,7 +5,7 @@ services: attestation
 author: msmbaldwin
 ms.service: attestation
 ms.topic: quickstart
-ms.date: 08/31/2020
+ms.date: 11/14/2022
 ms.author: mbaldwin
 
 

articles/attestation/quickstart-powershell.md

@@ -5,7 +5,7 @@ services: attestation
 author: msmbaldwin
 ms.service: attestation
 ms.topic: overview
-ms.date: 01/23/2023
+ms.date: 11/14/2022
 ms.author: mbaldwin 
 ms.custom: devx-track-azurepowershell