---
 vsock_proxy/service/nitro-enclaves-vsock-proxy.service |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/vsock_proxy/service/nitro-enclaves-vsock-proxy.service
+++ b/vsock_proxy/service/nitro-enclaves-vsock-proxy.service
@@ -8,11 +8,12 @@ Type=simple
 StandardOutput=journal
 StandardError=journal
 SyslogIdentifier=vsock-proxy
+Environment=VSOCK_PROXY_CONFIG=/usr/share/nitro_enclaves/vsock-proxy.yaml
 # Use RUST_LOG=trace for more verbose logging
 ExecStart=/bin/bash -ce "TOKEN=$(curl --silent -X PUT \"http://169.254.169.254/latest/api/token\" -H \"X-aws-ec2-metadata-token-ttl-seconds: 21600\") ; \
 			REGION=$(curl --silent -H \"X-aws-ec2-metadata-token: $TOKEN\" http://169.254.169.254/latest/dynamic/instance-identity/document | jq -r .region) ; \
 			[ -z \"$REGION\" ] && REGION=$(curl --silent http://169.254.169.254/latest/dynamic/instance-identity/document | jq -r .region) ; \
-			RUST_LOG=warn exec /usr/bin/vsock-proxy 8000 kms.$${REGION}.amazonaws.com 443 --config /etc/nitro_enclaves/vsock-proxy.yaml"
+			RUST_LOG=warn exec /usr/bin/vsock-proxy 8000 kms.$${REGION}.amazonaws.com 443 --config $VSOCK_PROXY_CONFIG"
 Restart=always
 TimeoutSec=0