diff --git a/container/notary-nitriding/Dockerfile b/container/notary-nitriding/Dockerfile
new file mode 100644
index 0000000..266eec5
--- /dev/null
+++ b/container/notary-nitriding/Dockerfile
@@ -0,0 +1,34 @@
+# Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+######## full image ########
+
+FROM amazonlinux:2 as image
+
+RUN amazon-linux-extras install aws-nitro-enclaves-cli -y
+RUN yum update -y && \
+ yum install -y \
+ aws-nitro-enclaves-cli-dev \
+ jq \
+ wget \
+ procps
+
+RUN yum clean all
+
+RUN if command -v nitro-cli > /dev/null 2>&1; then \
+ echo "Command exists"; \
+ else \
+ find /ne-deps \
+ echo "Command does not exist"; \
+ exit 1; \
+ fi
+
+RUN wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.7.5/gvproxy-linux-amd64
+RUN mv gvproxy-linux-amd64 gvproxy
+RUN chmod +x gvproxy
+RUN cp gvproxy /usr/bin
+
+COPY bin/notary-server-nitriding.eif /home/notary-server.eif
+COPY notary-nitriding/run.sh /home
+
+CMD ["/home/run.sh"]
diff --git a/container/notary-nitriding/enclave_manifest.json b/container/notary-nitriding/enclave_manifest.json
new file mode 100644
index 0000000..6eea3ba
--- /dev/null
+++ b/container/notary-nitriding/enclave_manifest.json
@@ -0,0 +1,18 @@
+{
+ "name": "notary-nitriding-deployment",
+ "repository": "https://github.com/EternisAI/notary-nitriding-deployment.git",
+ "tag": "key-sync",
+ "eif": {
+ "name": "notary-server-nitriding.eif",
+ "docker": {
+ "image_name": "notary-server-eif",
+ "image_tag": "1.0",
+ "target": "",
+ "x86_64": {
+ "file_path": ".",
+ "file_name": "Dockerfile.nitriding",
+ "build_path": ""
+ }
+ }
+ }
+}
diff --git a/container/notary-nitriding/run.sh b/container/notary-nitriding/run.sh
new file mode 100755
index 0000000..03d9080
--- /dev/null
+++ b/container/notary-nitriding/run.sh
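Review bot: The `RUN wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.7.5/gvproxy-linux-amd64` line drops a binary into /usr/bin with no integrity check, so the image that proxies every byte of enclave traffic trusts whatever that URL serves at build time. Pin the artifact with a build-time digest that fails closed, e.g. `ARG GVPROXY_SHA256` followed by `RUN wget -q https://github.com/containers/gvisor-tap-vsock/releases/download/v0.7.5/gvproxy-linux-amd64 && echo "${GVPROXY_SHA256}  gvproxy-linux-amd64" | sha256sum -c - && install -m 0755 gvproxy-linux-amd64 /usr/bin/gvproxy && rm gvproxy-linux-amd64`, which also folds the separate mv/chmod/cp layers into one and removes the stray copy left in the working directory. Separately, the `find /ne-deps \` line has no terminator, so the next line's `echo "Command does not exist";` is passed to find as extra paths instead of printing the message; `find /ne-deps; \` restores the intent. `FROM amazonlinux:2` is also unpinned, so the `yum update -y` layer resolves against a moving base; a digest-pinned tag would make the host image reproducible.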
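Review bot: `"tag": "key-sync"` names what appears to be a branch rather than an immutable ref, so if the build tooling checks this value out to produce notary-server-nitriding.eif, the EIF — and the PCR values an attestation verifier pins to — can change between two builds of the same manifest. Pin `tag` to a release tag or a full commit SHA so the manifest unambiguously identifies the measured image. How the consumer of this manifest interprets `tag` is not visible in this diff; confirm before changing.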
@@ -0,0 +1,37 @@
+#!/bin/bash -e
+# Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+
+readonly EIF_PATH="/home/notary-server.eif"
+readonly ENCLAVE_CPU_COUNT=2
+readonly ENCLAVE_MEMORY_SIZE=4096
+readonly NE_ALLOCATOR_SPEC_PATH="/etc/nitro_enclaves/allocator.yaml"
+
+main() {
+ sed -i "s/cpu_count:.*/cpu_count: $ENCLAVE_CPU_COUNT/g" $NE_ALLOCATOR_SPEC_PATH
+ sed -i "s/memory_mib:.*/memory_mib: $ENCLAVE_MEMORY_SIZE/g" $NE_ALLOCATOR_SPEC_PATH
+ cat /etc/nitro_enclaves/allocator.yaml
+ nitro-cli describe-enclaves
+ nitro-cli run-enclave --cpu-count $ENCLAVE_CPU_COUNT --memory $ENCLAVE_MEMORY_SIZE \
+ --eif-path $EIF_PATH
+
+ local enclave_id=$(nitro-cli describe-enclaves | jq -r ".[0].EnclaveID")
+ echo "-------------------------------"
+ echo "Enclave ID is $enclave_id"
+ echo "-------------------------------"
+
+ # nitro-cli console --enclave-id $enclave_id # blocking call.
+ pkill -f gvproxy || true
+ gvproxy -listen vsock://:1024 -listen unix:///tmp/network.sock &
+ sleep 2
+ curl --unix-socket /tmp/network.sock http:/unix/services/forwarder/expose -X POST -d '{"local":":444","remote":"192.168.127.2:444"}'
+ curl --unix-socket /tmp/network.sock http:/unix/services/forwarder/expose -X POST -d '{"local":":443","remote":"192.168.127.2:443"}'
+
+ while [[ $(nitro-cli describe-enclaves) != "[]" ]]; do
+ echo "Enclave is still running. Waiting..."
+ sleep 10
+ done
+
+ echo "Enclave has terminated."
+}
+
+main
diff --git a/container/notary/Dockerfile b/container/notary/Dockerfile
new file mode 100644
index 0000000..e9d6d14
--- /dev/null
+++ b/container/notary/Dockerfile
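Review bot: The two `curl --unix-socket /tmp/network.sock http:/unix/services/forwarder/expose` calls run without `--fail`, so an HTTP error from the forwarder leaves the script continuing under `bash -e` with no forwarding for 443/444 and nothing in the exit status to show it; the fixed `sleep 2` before them also races gvproxy's startup. Change them to `curl -fsS --unix-socket /tmp/network.sock http:/unix/services/forwarder/expose -X POST -d '{"local":":444","remote":"192.168.127.2:444"}'` (and likewise for 443), and replace `sleep 2` with a bounded wait such as `for _ in $(seq 1 25); do [[ -S /tmp/network.sock ]] && break; sleep 0.2; done`. Note also that `jq -r ".[0].EnclaveID"` reports the first enclave listed rather than the one just launched; parsing the JSON that `nitro-cli run-enclave` itself prints would tie the logged ID to this run. The `sed -i` edits to allocator.yaml are not followed by anything that reapplies the allocation inside the container, so presumably the host's allocator service must already reserve at least 2 vCPUs and 4096 MiB — worth stating in a comment above the `readonly` lines.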
@@ -0,0 +1,34 @@
+# Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+######## full image ########
+
+FROM amazonlinux:2 as image
+
+RUN amazon-linux-extras install aws-nitro-enclaves-cli -y
+RUN yum update -y && \
+ yum install -y \
+ aws-nitro-enclaves-cli-dev \
+ jq \
+ wget \
+ procps
+
+RUN yum clean all
+
+RUN if command -v nitro-cli > /dev/null 2>&1; then \
+ echo "Command exists"; \
+ else \
+ find /ne-deps \
+ echo "Command does not exist"; \
+ exit 1; \
+ fi
+
+RUN wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.7.5/gvproxy-linux-amd64
+RUN mv gvproxy-linux-amd64 gvproxy
+RUN chmod +x gvproxy
+RUN cp gvproxy /usr/bin
+
+COPY bin/notary-server.eif /home
+COPY notary/run.sh /home
+
+CMD ["/home/run.sh"]
diff --git a/container/notary/enclave_manifest.json b/container/notary/enclave_manifest.json
new file mode 100644
index 0000000..15d422e
--- /dev/null
+++ b/container/notary/enclave_manifest.json
@@ -0,0 +1,18 @@
+{
+ "name": "notary-nitriding-deployment",
+ "repository": "https://github.com/EternisAI/notary-nitriding-deployment.git",
+ "tag": "main",
+ "eif": {
+ "name": "notary-server.eif",
+ "docker": {
+ "image_name": "notary-server-eif",
+ "image_tag": "1.0",
+ "target": "",
+ "x86_64": {
+ "file_path": ".",
+ "file_name": "Dockerfile",
+ "build_path": ""
+ }
+ }
+ }
+}
diff --git a/container/notary/run.sh b/container/notary/run.sh
new file mode 100755
index 0000000..bd9b4b0
--- /dev/null
+++ b/container/notary/run.sh
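Review bot: The gvproxy binary fetched by `RUN wget https://github.com/containers/gvisor-tap-vsock/releases/download/v0.7.5/gvproxy-linux-amd64` is installed with no checksum, so this host image — which sits in front of the notary enclave's 7047/443 traffic — has an unverified download in its trust base. Add `ARG GVPROXY_SHA256` and verify in the same layer, e.g. `RUN wget -q https://github.com/containers/gvisor-tap-vsock/releases/download/v0.7.5/gvproxy-linux-amd64 && echo "${GVPROXY_SHA256}  gvproxy-linux-amd64" | sha256sum -c - && install -m 0755 gvproxy-linux-amd64 /usr/bin/gvproxy && rm gvproxy-linux-amd64`, which fails the build if the digest is unset or wrong. The `find /ne-deps \` continuation also swallows the following `echo "Command does not exist";` as find arguments; terminate it with `find /ne-deps; \`. This file is otherwise identical to container/notary-nitriding/Dockerfile apart from the two COPY lines; a shared base stage (or one Dockerfile with a build ARG for the EIF name) would keep the two from drifting.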
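Review bot: `"tag": "main"` points the EIF build at a moving branch, so two builds from the same manifest can yield different notary-server.eif images and therefore different PCR measurements for anyone pinning an attestation policy. Pin `tag` to a release tag or full commit SHA so the manifest identifies exactly one measured image. Whether the build tooling resolves `tag` as a git ref is not shown in this diff; confirm before changing.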
@@ -0,0 +1,32 @@
+#!/bin/bash -e
+# Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+
+readonly EIF_PATH="/home/notary-server.eif"
+readonly ENCLAVE_CPU_COUNT=2
+readonly ENCLAVE_MEMORY_SIZE=4096
+readonly NE_ALLOCATOR_SPEC_PATH="/etc/nitro_enclaves/allocator.yaml"
+
+main() {
+ sed -i "s/cpu_count:.*/cpu_count: $ENCLAVE_CPU_COUNT/g" $NE_ALLOCATOR_SPEC_PATH
+ sed -i "s/memory_mib:.*/memory_mib: $ENCLAVE_MEMORY_SIZE/g" $NE_ALLOCATOR_SPEC_PATH
+ cat /etc/nitro_enclaves/allocator.yaml
+ nitro-cli describe-enclaves
+ nitro-cli run-enclave --cpu-count $ENCLAVE_CPU_COUNT --memory $ENCLAVE_MEMORY_SIZE \
+ --eif-path $EIF_PATH
+
+ local enclave_id=$(nitro-cli describe-enclaves | jq -r ".[0].EnclaveID")
+ echo "-------------------------------"
+ echo "Enclave ID is $enclave_id"
+ echo "-------------------------------"
+
+ # nitro-cli console --enclave-id $enclave_id # blocking call.
+ pkill -f gvproxy || true
+ gvproxy -listen vsock://:1024 -listen unix:///tmp/network.sock &
+ sleep 2
+ curl --unix-socket /tmp/network.sock http:/unix/services/forwarder/expose -X POST -d '{"local":":7047","remote":"192.168.127.2:7047"}'
+ curl --unix-socket /tmp/network.sock http:/unix/services/forwarder/expose -X POST -d '{"local":":443","remote":"192.168.127.2:443"}'
+
+ sleep infinity
+}
+
+main
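Review bot: `sleep infinity` at the end of main keeps the container alive after the enclave exits, so a crashed or terminated notary enclave is invisible to the orchestrator (the container never dies, a restart policy never fires) while gvproxy presumably keeps accepting connections on 7047/443 to a backend that is gone. The sibling container/notary-nitriding/run.sh already handles this by polling describe-enclaves; mirror it here: `while [[ $(nitro-cli describe-enclaves) != "[]" ]]; do sleep 10; done; echo "Enclave has terminated."`. The two `curl ... /services/forwarder/expose` lines should also get `-fsS` so a forwarder error is fatal under `bash -e` instead of silently leaving 7047 unforwarded, and the fixed `sleep 2` before them is a race against gvproxy's startup that a bounded wait on `/tmp/network.sock` would close.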