AWS API Changes

2024/05/02 - Amazon Elastic Compute Cloud - 1 new api methods

Changes This release includes a new API for retrieving the public endorsement key of the EC2 instance's Nitro Trusted Platform Module (NitroTPM).

GetInstanceTpmEkPub (new)

Link ¶

Gets the public endorsement key associated with the Nitro Trusted Platform Module (NitroTPM) for the specified instance.

See also: AWS API Documentation

Request Syntax

client.get_instance_tpm_ek_pub(
    InstanceId='string',
    KeyType='rsa-2048'|'ecc-sec-p384',
    KeyFormat='der'|'tpmt',
    DryRun=True|False
)

type InstanceId:

string

param InstanceId:

[REQUIRED]

The ID of the instance for which to get the public endorsement key.

type KeyType:

string

param KeyType:

[REQUIRED]

The required public endorsement key type.

type KeyFormat:

string

param KeyFormat:

[REQUIRED]

The required public endorsement key format. Specify der for a DER-encoded public key that is compatible with OpenSSL. Specify tpmt for a TPM 2.0 format that is compatible with tpm2-tools. The returned key is base64 encoded.

type DryRun:

boolean

param DryRun:

Specify this parameter to verify whether the request will succeed, without actually making the request. If the request will succeed, the response is DryRunOperation. Otherwise, the response is UnauthorizedOperation.

rtype:

dict

returns:

Response Syntax

{
    'InstanceId': 'string',
    'KeyType': 'rsa-2048'|'ecc-sec-p384',
    'KeyFormat': 'der'|'tpmt',
    'KeyValue': 'string'
}

Response Structure

(dict) --
- InstanceId (string) --
  
  The ID of the instance.
- KeyType (string) --
  
  The public endorsement key type.
- KeyFormat (string) --
  
  The public endorsement key format.
- KeyValue (string) --
  
  The public endorsement key material.