A Fortanix Enclave Manager Image is a particular software release or a version of an application. Each image is associated with one enclave hash (MRENCLAVE).
When an image is first created in Enclave Manager, it is in an unapproved state. After configurable approval actions are taken, the image is considered whitelisted. When an image is whitelisted, Enclave Manager knows that enclaves with the associated hash (MRENCLAVE) are trusted instances of the corresponding application, and will issue certs with the application’s domain name(s) to those enclaves.
- The Tag of the Docker image for the application.
- Sign in to Fortanix Enclave Manager, and then click the Images tab.
Figure 1: Images tab
- Click +IMAGES to create a new image for an application (Figure 1).
- In the Select an application template field, select an application from the list for which a new image needs to be created.
- Enter the REGISTRY CREDENTIALS for Input image name and Output image name. The Registry Credentials are the credentials to access the private docker registry from which an image is going to be pulled or pushed. If the private docker registry is same for the input image and the output image, then select the check box Use same credential as input image registry in the Output image name.
- In the Tag field, enter the tag value of the Docker image (Figure 2).
- Click Create to create the image (Figure 2).
Figure 2: Select an Application
- An image whitelist task is created and added which is visible in the Images table. You can approve the task to whitelist the image from the Tasks tab. Once approved, a green tick would appear in the Approval status column for that image.
Figure 4: Image created successfully
NOTE: The Source Image tag and Output Image tag is the same. Once an image of an application is created, it will be pushed to the specified location in the Output Image Name of the application.