AWS CloudHSM
Manage single-tenant hardware security modules (HSMs) on AWS
Generate and use cryptographic keys on dedicated FIPS 140-2 Level 3 single-tenant HSM instances.
Deploy workloads with high reliability and low latency, and help meet regulatory compliance.
Manage HSM capacity and control your costs by adding and removing HSMs from your cluster.
Pay by the hour, and backup and shut down HSMs when they’re not needed.
How it works
AWS CloudHSM helps you meet corporate, contractual, and regulatory compliance requirements for data security.
AWS CloudHSM lets you manage and access your keys on FIPS-validated hardware, protected with customer-owned, single-tenant HSM instances that run in your own Virtual Private Cloud (VPC).
To watch in your local language, select this video, choose the settings icon, and pick your preferred subtitle option.
AWS CloudHSM lets you manage and access your keys on FIPS-validated hardware, protected with customer-owned, single-tenant HSM instances that run in your own Virtual Private Cloud (VPC).
To watch in your local language, select this video, choose the settings icon, and pick your preferred subtitle option.
Use cases
Offload SSL processing for web servers
Confirm web service identities and establish secure HTTPS connections over the internet using SSL and TLS.
Protect private keys for an issuing CA
Secure and house your private keys, and sign certificate requests, so you can act securely as an issuing certificate authority (CA).
Activate TDE for Oracle databases
Store the transparent data encryption (TDE) encryption key for supported Oracle database servers.
How to get started
Start using AWS CloudHSM
Start generating and using your own encryption keys with ease on AWS.
Review documentation and examples
Learn how to integrate CloudHSM into your own applications.
Contact an expert
Learn more about how CloudHSM is standards compliant.