25-20 CloudHSM
# AWS CloudHSM
#aws-service
CloudHSM is a single-tenant HSM as a service that automates hardware provisioning, software patching, high availability, and backups.
AWS CloudHSM enables you to generate and use your encryption keys on FIPS 140-2 Level 3 validated hardware.
CloudHSM is built on open HSM industry standards and integrates with:
- PKCS#11
- Java Cryptography Extensions (JCE)
- Microsoft CryptoNG (CNG) libraries
You can also transfer your keys to other commercial HSM solutions, which makes it easy to migrate keys on or off AWS.
AWS KMS can be configured to use an AWS CloudHSM cluster as a custom key store rather than the default KMS key store.