Cloud HSM

From Cramsession

Revision as of 23:07, 4 June 2025 by Mflavell (talk | contribs) (→‎Overview)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

✍️ Verified Author: Mflavell • Click to view professional profile & credentials

Overview

This is a managed services for data encryption.

HSM = Hardware Security Module [1]
Validated to FIPS 140-2 Level 3
Generate encryption keys

A cloud HSM is a custom keystore.

Allows the storage of keys outside the KMS in side the CloudHSM cluster.

Useful if the key material cannot be stored in a shared envionment.

Cloud HSM is deployed as a cluster:

The default size is 6 per account per region.
Cloud HSM manages key synchronizations for you.

Cloud HSM features

High availability.
Load balancing.
Replication.
Scaling.
Managed by AWS.
Integrates with AWS services.

Retrieved from "https://cramsession.net/index.php?title=Cloud_HSM&oldid=1127"

Navigation menu