Service certificate – STACKIT Confidential Server

Service Name

STACKIT Confidential Server

High level service description

STACKIT Confidential Server (“Confidential Server”) provides virtual machines (“VM”) consisting of a combination of processor (“vCPU”) and memory (“RAM”). With Confidential Server, customers have the opportunity to secure their VMs leveraging modern (hardware-based) security technologies, like AMD SEV-ES. The customer can select the optimal VM for his application from various pre-packaged variants (”Flavors“). The provision, management, and deletion of the VM is carried out by the customer himself. The STACKIT API can be used for deploying Confidential Server flavors.

Key Features

• VMs can be secured by customers with modern (hardware-based) security technologies from processor manufacturers to implement Confidential Computing scenarios.
• Creation, usage and deletion of VMs according to individual requirements.
• Use of the service in self-service using the STACKIT API.
• One or more Availability Zones (AZ) for provisioning VMs in different availability classes.
  • Each Availability Zone is separated in power supply, cooling, and local network connectivity from the other Availability Zones.
  • Several Availability Zones can be located in the same building.

Service Plans

During the order process, the customer has the option to choose from different configurations (“flavors”). They mainly differ in their performance capabilities or storage capacity. The current list can be viewed via STACKIT API. The version is marked accordingly in the flavor (e.g. “m1a.8cd“). The hardware on which the VM is based (e.g. processor type) is specified and described in the additional documentation (STACKIT knowledgebase) and can be viewed there by the customer.

Metric

• Billing per VM per hour or part thereof.
• Calculated Period: Creation of the VM until deletion of the VM minus.
• For other resources used by the customer in conjunction with a VM, such as Block Storage and Backup Storage, a separate charge is made according to the conditions specified in the respective service certificate.

SLA Specifics

• An availability of 99.5% on a calendar month average is agreed.
• VMs that are waiting for access to their disk due to a Block Storage failure still count as available.
• The availability data refers to the availability of the VMs that are in operation. It does not include configuration or customer-related properties for non-availability (e.g. a shutdown of the VM).

Backup

• Backup and restore are sole responsibility of the customer. In particular:
  • The defintion (properties configured by the customer) of the VM itself.
  • The data of the possible local disk.
  • The data of a disk when using the Block Storage

Additional Terms

• The customer may use VMs of the Confidential Server to install and run software licensed separately by customer.
• STACKIT doesnt provide public operating system images for Confidential Servers.
• Management of the operating system and other software on the VMs is the sole responsibility of the customer. This includes, but is not limited to, installation, operation, the import of updates and patches, maintenance, backup and support.
• The customer is responsible for the security of its virtual machine.
• The following additional Third Party Terms apply to the use of Openstack’s Web Console
  • noVNC/LICENSE.txt at master novnc/noVNC GitHub

Version 1.0, valid from 14.03.2024