SecureBoot is a way to ensure the integrity of a system by configuring it to only boot if the images (programs) being loaded are signed by an authorized source. This is true of physical machines, but also of virtual machines, and by extension, cloud instances. However, I recently discovered that in AWS, an AMI of the popular Ubuntu operating system, when running on arm64
instance types such as t4g.nano
, didn’t have SecureBoot enabled. So I sought to fix that, and discovered that while it is quite simple to do, it’s not very obvious. Here’s a tutorial and some explanation that will probably be useful for x64_64
and arm64
systems alike, but was written purely based on my own use case, so adapt and test as necessary and report back what you find!