config/build.config.toml - incubator-teaclave - Git at Google

 # Licensed to the Apache Software Foundation (ASF) under one
 # or more contributor license agreements.  See the NOTICE file
 # distributed with this work for additional information
 # regarding copyright ownership.  The ASF licenses this file
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
 #
 #   http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 # KIND, either express or implied.  See the License for the
 # specific language governing permissions and limitations
 # under the License.

 # Teaclave Build Config

 # Intel Attestation Service root CA certificate to verify attestation report
 as_root_ca_cert = { path = "config/keys/ias_root_ca_cert.pem" }
 # For DCAP, use the following cert
 # as_root_ca_cert = { path = "config/keys/dcap_root_ca_cert.pem" }

 # Auditors' public keys to verify their endorsement signatures
 auditor_public_keys = [
     { path = "config/keys/auditors/godzilla/godzilla.public.pem" },
     { path = "config/keys/auditors/optimus_prime/optimus_prime.public.pem" },
     { path = "config/keys/auditors/albus_dumbledore/albus_dumbledore.public.pem"},
 ]

 # Validity in seconds for a remote attestation report and endorsed attested TLS config
 attestation_validity_secs = 3600

 # gRPC configuration
 [grpc_config]
 # Limits the maximum size of an encoded/decoded message.
 max_encoding_message_size = 4194304
 max_decoding_message_size = 4194304

 # Refer to docs/service-internals.md for the service topology
 [inbound]
 access_control = ["teaclave_frontend_service", "teaclave_management_service"]
 authentication = ["teaclave_frontend_service"]
 storage        = ["teaclave_management_service", "teaclave_scheduler_service"]
 management     = ["teaclave_frontend_service"]
 scheduler      = ["teaclave_execution_service"]
	# Licensed to the Apache Software Foundation (ASF) under one
	# or more contributor license agreements. See the NOTICE file
	# distributed with this work for additional information
	# regarding copyright ownership. The ASF licenses this file
	# to you under the Apache License, Version 2.0 (the
	# "License"); you may not use this file except in compliance
	# with the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing,
	# software distributed under the License is distributed on an
	# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	# KIND, either express or implied. See the License for the
	# specific language governing permissions and limitations
	# under the License.

	# Teaclave Build Config

	# Intel Attestation Service root CA certificate to verify attestation report
	as_root_ca_cert = { path = "config/keys/ias_root_ca_cert.pem" }
	# For DCAP, use the following cert
	# as_root_ca_cert = { path = "config/keys/dcap_root_ca_cert.pem" }

	# Auditors' public keys to verify their endorsement signatures
	auditor_public_keys = [
	{ path = "config/keys/auditors/godzilla/godzilla.public.pem" },
	{ path = "config/keys/auditors/optimus_prime/optimus_prime.public.pem" },
	{ path = "config/keys/auditors/albus_dumbledore/albus_dumbledore.public.pem"},
	]

	# Validity in seconds for a remote attestation report and endorsed attested TLS config
	attestation_validity_secs = 3600

	# gRPC configuration
	[grpc_config]
	# Limits the maximum size of an encoded/decoded message.
	max_encoding_message_size = 4194304
	max_decoding_message_size = 4194304

	# Refer to docs/service-internals.md for the service topology
	[inbound]
	access_control = ["teaclave_frontend_service", "teaclave_management_service"]
	authentication = ["teaclave_frontend_service"]
	storage = ["teaclave_management_service", "teaclave_scheduler_service"]
	management = ["teaclave_frontend_service"]
	scheduler = ["teaclave_execution_service"]