Gatekeeper deploys into your AWS VPC from a Terraform module. The enclave image ships with a published PCR0 measurement you can verify against the reproducible build.
Credentials are encrypted under your customer managed CMK. The key policy conditions decryption on your accepted PCR0 set; Station70 has no decryption path.
Agents authenticate through Microsoft Entra / Azure AD and connect to the gateway over a private endpoint. No public ingress is required.
Policy evaluates locally inside the enclave with no external calls. Decisions complete in under a millisecond.
Approved calls reach internal services over PrivateLink and AWS services through SigV4 requests signed inside the enclave. Signing keys never transmit.
Audit events stream to your SIEM through your own log pipeline. Nothing crosses your network boundary.
Infrastructure as code deployment of the gateway, enclave, KMS policy, and DynamoDB tables into your account.
The MCP endpoint runs on your EC2 instances behind your load balancer, reachable only from your networks.
You own the key, the key policy, and the rotation schedule. Revoking the grant cuts all decryption instantly.
Egress to internal services stays on the AWS backbone. Certificate pinning is configurable per service.
Your identity provider issues the JWTs agents present. Compromise scope matches every other OIDC relying party you run.
Station70 has no decryption path. The key policy on your CMK gates decryption on PCR0, enforced by AWS outside Station70’s reach.
A modified gateway binary fails attestation and never receives plaintext. New PCR0 values surface in your KMS audit logs before acceptance.
Policy evaluates locally with no external calls, so a WAN outage does not affect enforcement.
Audit logs stay in your storage. Retention, export, and legal hold follow your own controls.
Walk through the trust model, policy design, and rollout with our security and solutions team.