Cloud Hardware Security Module (HSM)

Icon

Cloud HSM Icons

About

  • AWS provides encryption hardware.

  • This is a dedicated hardware, which is tamper-resistant and FIPS 140-2 Level 3 compliant.

  • You manage your own encryption keys entirely (not AWS).

  • They support both symmetric and asymmetric encryption (TLS/SSL).

  • No free tier available.

  • Must use CloudHSM client software to manage key, users and connect to AWS CloudHSM.

  • Redshift support CloudHSM for database encryption and key management.

  • Good option to use with SSE-C encryption.

  • HSM cluster are multi AZ for High Availability (HA).

  • Great for availability and durability.

AWS Services Integration

  • Through integration with AWS KMS.

  • Configure KMS Custom key store with CloudHSM.

Integration Diagram

KMS v/s HSM

PreviousFeaturesNext30_SSM_Store

Last updated