What is CloudHSM?

HSM (Hardware Security Module)

— A physical tamper-resistant hardware appliance that is used to protect and safeguard cryptographic material and encryption keys

— Provides Federal Information Processing Standard (FIPS) 140-2 Level 3 compliance

— CloudHSM is a physical device

— NOT a multi-tenant device

CloudHSM — used for secure encryption key management and storage

Key Management Service

  • Stores and generates encryption keys
  • Can be used by AWS to encrypt your data
  • Uses HSMs that are managed by AWS
  • Less management control than CloudHSM