Introduction
Section titled “Introduction”Deploy Aembit Edge: Aembit Edge represents components deployed within your operational environments that enforce Access Policies by intercepting traffic, verifying identities, and injecting credentials just-in-time.Learn more in virtual environments such as VMware vSphere. Aembit Edge provides secure Workload Identity: A unique, verifiable identity assigned to a workload by Aembit.Learn more and attestation capabilities. This guide provides an overview of the components and features available when using Aembit Edge in virtualized settings.
Pages in this section
Section titled “Pages in this section”- About Network Identity Attestation
- Set up Network Identity Attestor
- Network Identity Attestor reference
- Process Hash Attestation
Key components
Section titled “Key components”- Network Identity Attestor: Network Identity Attestor is an Aembit Edge component deployed in VMware vSphere environments that verifies VM identity through the vCenter API and issues signed attestation documents for workload authentication.Learn more (NIA): A specialized attestation service that verifies the identity of workloads based on their network identity within the virtual environment.
- Credential Provider: Credential Providers obtain the specific access credentials—such as API keys, OAuth tokens, or temporary cloud credentials—that Client Workloads need to authenticate to Server Workloads.Learn more: Support for multiple credential types including JWT-SVID: A SPIFFE Verifiable Identity Document in JWT format. JWT-SVIDs are cryptographically signed, short-lived tokens that prove workload identity and enable secure authentication without static credentials.Learn more, OIDC ID Tokens, and Vault Client Tokens. This enables flexible identity solutions for virtualized workloads.