In this case, there are two options from what I’ve research so far.

  1. Including flag --use-container , this flag will download an image from ECR public registry, then build your application inside docker without having to configure your local node version on your machine. This image is own by Amazon…



HSM(Hardware Security Module)

— A physical tamper-resistant hardware appliance that is used to protect and safeguard cryptographic material and encryption keys

— Provide Federal Information Processing Standard(FIPS) 140–2 Level 3

— CloudHSM is a physical device

— NOT a multi-tenant device

CloudHSM — used for secure encryption key management and storage

Key Management Service

  • Stores and generates encryption keys
  • Can be used by AWS to encrypt your data
  • Uses HSMs that are managed by AWS
  • Less management control than CloudHSM
Nadtakan Futhoem — Sr. Software Engineer