Intel TDX uses attestation and TDX-specific API for secret injection. You attest the TD, then push secrets into the guest's `tdx-guest` module via `TDCALL[TDG.MR.REPORT]`. It's a defined, hardware-rooted channel.
AWS Nitro Enclaves uses the parent instance as a proxy. Secrets are delivered via a local VSOCK channel after KMS decryption, based on attestation docs from the enclave. More moving parts (parent, vsock, KMS policy).
Key differences:
* TDX: Direct injection into the guest memory (private) via hardware instructions.
* Nitro: Indirect via local host, relies on correct parent isolation and KMS integration.
Cleaner? TDX. Fewer components, defined hardware path. Nitro adds operational complexity with the parent and AWS services.
/root
USER nobody