Sold by: HyTrust, Inc
Deployed on AWS
Free Trial
AWS Free Tier
Entrust KeyControl provides Enterprise Grade Key Management for on premise or multi-cloud virtual infrastructure.
Overview
Entrust (Formerly HyTrust) KeyControl provides Enterprise Grade Key Management for on premise or multi-cloud virtual infrastructure. Deploy a single KeyControl node within minutes using the KeyControl solution in the AWS Marketplace. Then form a cluster by deploying additional nodes and joining them to your original node/cluster. Entrust KeyControl cluster is highly secure, scalable, FIPS certified, highly available, fully symmetric cluster which can scale up to 8 geographically distributed nodes. Use instructions in the KeyControl Admin guide to configure your newly deployed KeyControl cluster as your key manage to manage Keys in Multi-Cloud and virtualized encrypted workload environments with KeyControl. Search entrust.com/documentation for instructions on how to integrate KeyControl with Entrust partner products.
Highlights
- Zero-downtime Encryption: Keep applications online during initial encryption and re-keying operations.
- Policy-based Key Management: Entrust KeyControl is secure and highly available, ensuring you have complete control over your encryption keys.
- Simplicity: You want security without complexity. DataControl can be deployed in seconds and its policy-based operation requires very little ongoing management.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
OtherLinux 9.4
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 30 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
If you are an AWS Free Tier customer with a free plan, you are eligible to subscribe to this offer. You can use free credits to cover the cost of eligible AWS infrastructure. See AWS Free Tier for more details. If you created an AWS account before July 15th, 2025, and qualify for the Legacy AWS Free Tier, Amazon EC2 charges for Micro instances are free for up to 750 hours per month. See Legacy AWS Free Tier for more details.
Dimension | Cost/hour |
|---|---|
t3.large Recommended | $0.80 |
t2.micro | $0.80 |
c3.xlarge | $0.80 |
c4.xlarge | $0.80 |
d2.xlarge | $0.80 |
t2.2xlarge | $0.80 |
t2.medium | $0.80 |
i3.xlarge | $0.80 |
m5a.large | $0.80 |
m5ad.xlarge | $0.80 |
Vendor refund policy
We do not currently support refunds, but you can cancel at any time.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
- KeyControl and KeyControl Compliance Manager have changed names. o KeyControl is now known as Cryptographic Security Platform Vault. o KeyControl Compliance Manager is now known as Cryptographic Security Platform Compliance Manager. o The KeyControl Vault for Application Security is now known as the Cryptographic Security Platform Vault for Cryptographic APIs.
- If the cloud status of a CloudKey is not available, it can be immediately removed using the Force Purge command.
- You can now use certificate-based authentication with Azure BYOK.
- You can now use BYOK and cache-only keys (HYOK) with Salesforce.
- You can set up an automatic synchronization schedule to import all CloudKeys in a Key Set.
- You can now cache your keys in the Cryptographic Security Platform Vault for Cryptographic APIs.
- The Cryptographic Security Platform Vault for Secrets now supports Terraform secrets
- Cryptographic Security Platform Vault for Databases now supports column-level encryption for PostgreSQL .
- You can now use mTLS authentication in the Cryptographic Security Platform Vault for Cryptographic APIs.
Additional details
Usage instructions
Access KeyControl console please SSH to your KeyControl server's public ip with your public key using login ID "htadmin" and the initial password is the Amazon instance ID for the KeyControl instance. Access to the Entrust system is through any standard browser using public ip of your KeyControl. During install, a single administrator is created called secroot with a password which is the Amazon instance ID for the KeyControl instance. After logging in for the first time, you will be presented with the EULA (one time only).
Resources
Support
Vendor support
https://trustedcare.entrust.com/ Please allow 24 hours for a response when contacting Entrust. For customers interested in an Enterprise Support Contract, please contact Entrust Sales.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Thales
By BYNET
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Clustering and High Availability
Supports formation of highly available symmetric clusters with up to 8 geographically distributed nodes for redundancy and fault tolerance
FIPS Certification
FIPS certified cryptographic security platform meeting federal information processing standards
Policy-Based Key Management
Implements policy-driven encryption key management enabling centralized control over key lifecycle and operations
Multi-Cloud and Virtualized Environment Support
Manages encryption keys across on-premise and multi-cloud virtual infrastructure environments
Zero-Downtime Encryption Operations
Supports encryption and re-keying operations without requiring application downtime
Centralized Key Management
Centrally manages cryptographic keys used across different encryption types and platforms, supporting enterprise environments and major cloud providers including AWS native keys, BYOK, and HYOK.
Data Discovery and Classification
Inspects data systems, databases, and storage locations to identify and classify sensitive data in both structured and unstructured formats with risk-oriented assessment.
Encryption and Tokenization
Supports multiple encryption and tokenization use cases including file system level, database or column level, application-embedded libraries, and API gateway implementations, with options for standard encryption, tokenization, and data masking.
Unified Policy Management
Centralizes policies, audit reports, and control management across all encryption and protection solutions in a single platform for consistent security policy application.
Multi-Platform Data Protection
Protects data across on-premises infrastructure, Amazon Web Services, and other cloud providers with integrated encryption solutions.
Centralized Key Lifecycle Management
Centralized key lifecycle management with role-based access control to encryption keys and policies across the data security platform.
Hardware Security Module Integration
Integration with FIPS 140-2 validated Thales Luna and third-party hardware security modules (HSMs) for secure key storage with highest root of trust.
Developer-Friendly APIs
Support for multiple API protocols including REST, KMIP, and NAE XML for easier integration with applications and systems.
Audit and Compliance Logging
Enterprise key management activity logs provided in non-repudiatable audit trail that can be forwarded to security information management (SIEM) platforms.
Multi-Environment Data Discovery and Classification
Unified management console for discovery, classification, and protection of sensitive data across file systems, databases, applications, containers, big data, and virtualized environments.
Standard contract
No
No
No
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.