From the course: AWS Certified Security - Specialty (SCS-C03) Cert Prep

AWS CloudHSM

AWS CloudHSM is another service you can use for creating and managing encryption keys. The big difference between this and KMS is that CloudHSM is a dedicated hardware device that you get access to. It's not just a multi-tenant infrastructure like KMS, and it actually runs in your VPC. So let's have a look at some key facts about CloudHSM. It's a cloud-based hardware security module running in the cloud. You can generate and use your own encryption keys on the AWS cloud with CloudHSM, and it runs in your VPC. It uses what's known as FIPS 140-2 Level 3 validated hardware security modules. Now that just means that it is extremely secure. It's validated as being a secure configuration. Now it's not that KMS isn't secure. Of course it is. But it is a multi-tenant infrastructure. So a hardware-based security module will give you that additional level of security that you may need for your compliance or your security requirements in your organization. It's a managed service and it…
