Manage your keys on FIPS validated hardware, protected with customer-owned, single-tenant HSM instances running in your own Virtual Private Cloud (VPC). Separation of duties and role-based access control is inherent in the design of the AWS CloudHSM. AWS monitors the health and network availability of your HSMs; you control the HSMs and the generation and use of your encryption keys.


Meet performance requirements of your applications through elasticity, adding or removing HSM instances while achieving latency and reliability goals. For more details, refer to the performance page in the AWS CloudHSM user guide.


Demonstrate compliance with security and privacy regulations, such as PCI, GDPR, HIPAA, and FedRAMP.


Automatically load balance requests and securely replicate keys across HSM instances in your cluster, improving key durability and increasing capacity.


Deploy an open solution that supports a wide range of cryptographic algorithms through industry-standards such as PKCS#11, JCE, OpenSSL, and CNG/KSP.

Learn more about product pricing

See pricing examples and calculate your costs.

Learn more 
Sign up for a free account

Instantly get access to the AWS Free Tier. 

Sign up 
Start building in the console

Get started building with AWS CloudHSM in the AWS Console.

Sign in