This article provides instructions for getting started with Fortanix Armor, the platform that hosts Fortanix Solutions such as Confidential Computing Manager (CCM) and Key Insight.
Armor as a Service
Fortanix hosts and manages the Armor platform. To get started with Fortanix Armor SaaS, visit https://armor.fortanix.com/ and sign up for an account.
For detailed instructions on signing up and creating an account with Fortanix Armor SaaS, refer to Getting Started with Fortanix Armor.
Secure Confidential Workloads Across Cloud and On-Premises
Deploy and manage the Fortanix Armor platform in your own environment. Fortanix currently supports deployment in Microsoft Azure. Once deployed, you can access and use the available Fortanix solutions such as CCM and Key Insight.
Deploy and Configure Fortanix Armor
Ensure that the required infrastructure and prerequisites are in place before deployment.
1. Prepare the Kubernetes Environment
Set up a Kubernetes cluster that meets the following requirements:
Provision a Kubernetes cluster (on-premises or cloud-hosted) with SGX-enabled nodes.
Ensure a supported Kubernetes version (1.34.x or later, as per the supported upgrade path).
Configure cluster access using
KUBECONFIG.Ensure a minimum of three nodes for Cassandra deployment.
For detailed requirements, refer to Kubernetes Cluster Requirements.
2. Install Supporting Components
Install the required components in the cluster:
SGX Device Plugin (for SGX support)
Ingress Controller (for UI/static assets exposure)
cert-manager (for internal TLS certificate management)
3. Configure Container Registry Access
Obtain credentials for the Fortanix OCI registry.
Create image pull secrets in the required namespaces.
For detailed steps, refer to Image Registry Access.
4. Deploy the Fortanix Armor Kubernetes Operator
Install the Fortanix Armor operator using Helm:
Authenticate to the Fortanix OCI registry.
Deploy the operator Helm chart. The latest version can be accessed here.
Configure required parameters such as namespace and version.
For detailed steps, refer to Deploy Fortanix Armor Kubernetes Operator.
5. Verify Operator Deployment
Ensure all operator pods are running.
Confirm the operator is ready.
For detailed verification steps, refer to Verify Deployment.
6. Create the ArmorPlatform Resource
Define the Fortanix CCM platform configuration using the ArmorPlatform custom resource:
Configure the following:
Base configuration, including:
Platform name
Replica count
Container image registry and pull credentials
Internal network ranges
Confidential computing infrastructure (SGX)
Enrollment policies
Database (Cassandra) topology
Ingress and certificate settings
Apply the resource to initiate the deployment of Fortanix Armor components.
For detailed configuration settings, refer to Create ArmorPlatform Resource.
7. Configure Certificates
Provision the external TLS certificates:
For detailed instructions, refer to the following:
8. Verify Deployment
Verify Fortanix Armor deployment:
Ensure all Armor pods are running.
Validate that services are deployed correctly.
9. Access the Fortanix Armor User Interface (UI)
Access the Fortanix Armor UI using the configured domain.
Verify that the Fortanix Armor login page loads successfully.
For detailed instructions, refer to Access Fortanix Armor UI.
10. Perform Initial Setup
Sign up as the first user (automatically becomes System Administrator).
Configure:
Email settings
Security policies
External integrations
For detailed instructions, refer to Initial Configuration.
Learn More
For detailed deployment steps, refer to the Fortanix Armor On-Premises Installation Guide.
For backup and restore, refer to the Backup and Restore guide.