Guides

Real AWS Drill

Validate a real EIF-backed deployment path before go-live.

This guide validates the real AWS execution path using an EIF digest.

Prerequisites

You can run enclavely CLI against your deployed environment.
You have a valid EIF digest in sha256:<64-hex> format.
Your project and target environment already exist.

1) Run preflight checks

enclavely verify --project <project> --env <env> --scope ops --strict-backlog
enclavely readiness --project <project> --env <env>

2) Execute a real drill

enclavely drill \
  --project <project> \
  --env <env> \
  --eif-digest sha256:<eif-digest> \
  --timeout-sec 180

Expected result:

release_runner_evidence_present: pass
release_runtime_markers_present: pass
release_enclave_markers_valid: pass
release_artifact_verified: pass

3) Validate routing to active release

enclavely routing --project <project> --env <env>

Confirm:

route shows target (transport/cid/port)
route shows latest release version and healthy status

4) If the drill fails

enclavely release retry --project <project> --latest-failed --env <env>
enclavely rollback --project <project> --env <env> --to <known-good-version>

Do not enable critical traffic until EIF-backed drill passes and routing resolves to a healthy release.

Test API Smoke

Deploy the bundled test API and verify health, routing, and echo.

On this page

Prerequisites 1) Run preflight checks 2) Execute a real drill 3) Validate routing to active release 4) If the drill fails