refactor(images): tdx-group -> az-group

Author: raykyri

DEPLOY-BUILDER.md

@@ -28,8 +28,9 @@ gcloud compute instances create gcp-builder \
       '
 
 # For Azure:
+az group create --location eastus --resource-group eastus-group
 az vm create \
-      --resource-group tdx-group \
+      --resource-group eastus-group \
       --name azure-builder \
       --image Canonical:ubuntu-24_04-lts:server:latest \
       --size Standard_D4s_v3 \
@@ -45,7 +46,7 @@ SSH into the VM:
 gcloud compute ssh gcp-builder
 
 # For Azure:
-az ssh vm --resource-group tdx-group --name azure-builder --local-user azureuser
+az ssh vm --resource-group eastus-group --name azure-builder --local-user azureuser
 ```
 
 For Azure, grant /dev/kvm permissions to the current user:

GETTING-STARTED.md

@@ -8,17 +8,6 @@ your application. Code running inside cannot be observed or tampered
 with by the cloud provider. Clients can cryptographically verify
 they're talking to your exact code via remote attestation.
 
-Compared to TDX, SEV-SNP is a earlier generation technology that has
-been in general availability for longer (~3-4 years vs. ~1-2 years).
-It is available on more platforms (including Google Cloud, AWS, Azure)
-and has better support for using sealing keys to persisting data.
-
-Tradeoffs include weaker isolation at the hypervisor level, and thus,
-a lessened security posture against malicious cloud providers.
-However, given that neither Intel nor AMD consider hardware attacks on
-memory encryption to be within their security model, we consider
-SEV-SNP to be an essentially equivalent technology to Intel TDX.
-
 ## Overview
 
 1. Set up a builder machine

packages/images/scripts/cleanup_azure.sh

@@ -45,7 +45,7 @@ elif [ -n "${GROUP:-}" ]; then
 elif [ -f "$RESOURCE_GROUP_FILE" ]; then
     RESOURCE_GROUP=$(cat "$RESOURCE_GROUP_FILE")
 else
-    RESOURCE_GROUP="tdx-group"
+    RESOURCE_GROUP="az-group"
 fi
 GALLERY_NAME="tdxGallery"
 CONTAINER_NAME="vhds"

packages/images/scripts/config_azure.sh

@@ -50,7 +50,7 @@ RESOURCE_GROUP_FILE=".resourcegroup"
 if [ -f "$RESOURCE_GROUP_FILE" ]; then
     RESOURCE_GROUP=$(cat "$RESOURCE_GROUP_FILE")
 else
-    RESOURCE_GROUP="tdx-group"
+    RESOURCE_GROUP="az-group"
 fi
 AZURE_NAME_FILE=".vm_name_azure"
 

packages/images/scripts/deploy_azure.sh

@@ -12,7 +12,7 @@
 #
 # Prerequisites:
 # - Azure CLI installed and logged in (az login)
-# - Resource group 'tdx-group' exists
+# - Resource group 'az-group' exists, or another group is provided in .resourcegroup
 #
 # The script automatically creates the following resources if they don't exist:
 # - Azure Compute Gallery 'tdxGallery'
@@ -26,7 +26,7 @@ RESOURCE_GROUP_FILE=".resourcegroup"
 if [ -f "$RESOURCE_GROUP_FILE" ]; then
     RESOURCE_GROUP=$(cat "$RESOURCE_GROUP_FILE")
 else
-    RESOURCE_GROUP="tdx-group"
+    RESOURCE_GROUP="az-group"
 fi
 GALLERY_NAME_FILE=".galleryname"
 if [ -f "$GALLERY_NAME_FILE" ]; then

packages/images/scripts/ls_azure.sh

@@ -29,7 +29,7 @@ elif [ -n "${GROUP:-}" ]; then
 elif [ -f "$RESOURCE_GROUP_FILE" ]; then
     RESOURCE_GROUP=$(cat "$RESOURCE_GROUP_FILE")
 else
-    RESOURCE_GROUP="tdx-group"
+    RESOURCE_GROUP="az-group"
 fi
 GALLERY_NAME="tdxGallery"
 CONTAINER_NAME="vhds"

packages/images/scripts/redeploy_azure.sh

@@ -12,7 +12,7 @@
 #
 # Prerequisites:
 # - Azure CLI installed and logged in (az login)
-# - Resource group 'tdx-group' exists
+# - Resource group 'az-group' exists, or another group is provided in .resourcegroup
 # - The VM to redeploy exists
 #
 # Arguments:
@@ -34,7 +34,7 @@ RESOURCE_GROUP_FILE=".resourcegroup"
 if [ -f "$RESOURCE_GROUP_FILE" ]; then
     RESOURCE_GROUP=$(cat "$RESOURCE_GROUP_FILE")
 else
-    RESOURCE_GROUP="tdx-group"
+    RESOURCE_GROUP="az-group"
 fi
 GALLERY_NAME_FILE=".galleryname"
 if [ -f "$GALLERY_NAME_FILE" ]; then