- CloudHSM service helps to meet corporate, contractual & regulatory compliance requirements for data security by using dedicated Hardware Security Module instances within the AWS cloud.
- HSM provides secure key storage and cryptographic operations within a tamper-resistant hardware device.
- HSMs in a cluster are automatically synchronized and load-balanced.
- To protect and isolate CloudHSM from other Amazon customers, CloudHSM must be provisioned inside a VPC.
- AWS manages the firmware on the hardware.
- AWS strongly recommends that to use at least two HSMs in two different Availability Zones for any production workload.
- AWS takes automatic encrypted backups of CloudHSM Cluster on a daily basis & additional backups when cluster lifecycle events occur.
- A single CloudHSM Cluster can contain up to 28 HSMs, subject to account service limits.
- Amazon monitors and maintains the HSM and network for availability and error conditions.
- It provides FIPS 140-2 Level 3 validated HSMs.
No comments:
Post a Comment