AWS CloudHSM

Manage single-tenant hardware security modules (HSMs) on AWS

Generate and use cryptographic keys on dedicated FIPS 140-2 Level 3 single-tenant HSM instances.

Deploy workloads with high reliability and low latency, and help meet regulatory compliance.

Manage HSM capacity and control your costs by adding and removing HSMs from your cluster.

Pay by the hour, and backup and shut down HSMs when they’re not needed.

How it works

AWS CloudHSM helps you meet corporate, contractual, and regulatory compliance requirements for data security.

How AWS CloudHSM works diagram
What is AWS CloudHSM? (1:22)
What is AWS CloudHSM?

AWS CloudHSM lets you manage and access your keys on FIPS-validated hardware, protected with customer-owned, single-tenant HSM instances that run in your own Virtual Private Cloud (VPC).

To watch in your local language, select this video, choose the settings icon, and pick your preferred subtitle option.

What is AWS CloudHSM?

AWS CloudHSM lets you manage and access your keys on FIPS-validated hardware, protected with customer-owned, single-tenant HSM instances that run in your own Virtual Private Cloud (VPC).

To watch in your local language, select this video, choose the settings icon, and pick your preferred subtitle option.

Use cases

Encrypt data at rest

Protect data and achieve regulatory compliance.

Learn more about encryption »

Offload SSL processing for web servers

Confirm web service identities and establish secure HTTPS connections over the internet using SSL and TLS.

Learn more about SSL processing »

Protect private keys for an issuing CA

Secure and house your private keys, and sign certificate requests, so you can act securely as an issuing certificate authority (CA).

Learn more about issuing CA »

Activate TDE for Oracle databases

Store the transparent data encryption (TDE) encryption key for supported Oracle database servers.

Learn more about activating TDE »

How to get started

Start using AWS CloudHSM

Start generating and using your own encryption keys with ease on AWS.

Review documentation and examples

Learn how to integrate CloudHSM into your own applications.

Contact an expert

Learn more about how CloudHSM is standards compliant.


Explore more of AWS