KSM & CloudHSM

  • They are both encryption services.

  • KMS: - Stands for Key Management Service. - AWS manages the encryption keys. - Encryption automatically enabled for: CloudTrail Logs, S3 Glacier and Storage Gateway.

  • CloudHSM: - HSM - Hardware Security Module - Dedicated hardware for security. - AWS gives the encryption hardware to you, so you can generate encryption keys.

Last updated

Was this helpful?