Simple Notification Service (SNS)
Kinesis + MQ
Databases & Analytics
  • CloudHSM is a cloud-based hardware security module (HSM) that enables you to easily generate and use your own encryption keys on AWS.
  • With CloudHSM, you can manage your own encryption keys using FIPS 140-2 Level 3 validated HSMs.
  • CloudHSM offers you the flexibility to integrate with your applications using industry-standard APIs, such as PKCS#11, Java Cryptography Extensions (JCE), and Microsoft CryptoNG (CNG) libraries.
  • CloudHSM is standards-compliant and enables you to export all of your keys to most other commercially-available HSMs, subject to your configurations.
  • It is a fully-managed service that automates time-consuming administrative tasks for you, such as hardware provisioning, software patching, high-availability, and backups.
  • CloudHSM also enables you to scale quickly by adding and removing HSM capacity on-demand, with no up-front costs.
  • CloudHSM provides hardware security modules (HSMs) in a cluster.
    • A cluster is a collection of individual HSMs that CloudHSM keeps in sync.
    • You can think of a cluster as one logical HSM.
    • When you create the HSMs in different AWS Availability Zones, you automatically get high availability.
Copy link