Enable AMD SEV-SNP for an Amazon EC2 instance

You can use the AWS CLI to launch an instance with AMD SEV-SNP enabled. You can't enable AMD SEV-SNP after launch.

To launch an instance with AMD SEV-SNP enabled, you must use the AWS CLI. Use the run-instances command and include the --cpu-options AmdSevSnp=enabled option. For --image-id, specify an AMI with the uefi or uefi-prefered boot mode and an operating system that supports AMD SEV-SNP. For --instance-type, specify a supported instance type.


$ aws ec2 run-instances \
--image-id supported_ami_id \
--instance-type supported_instance_type \
--key-name key_pair_name \
--subnet-id subnet_id \
--cpu-options AmdSevSnp=enabled

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Check supported instance types

Attestation with AMD SEV-SNP