AWS CloudHSM features

Key Features

Manage your keys on FIPS-validated hardware, protected with customer-owned, single-tenant HSM instances running in your own Virtual Private Cloud (VPC). Separation of duties and role-based access control are inherent in the design of AWS CloudHSM. AWS monitors the health and network availability of your HSMs; you control the HSMs and the generation and use of your encryption keys.

Meet performance requirements of your applications through elasticity, adding or removing HSM instances while achieving latency and reliability goals. For more details, refer to the performance page in the AWS CloudHSM user guide.

Demonstrate compliance with security and privacy regulations, such as PCI, GDPR, HIPAA, and FedRAMP.

Automatically load balance requests and securely replicate keys across HSM instances in your cluster, improving key durability and increasing capacity.

Deploy an open solution that supports a wide range of cryptographic algorithms through industry standards such as PKCS#11, JCE, OpenSSL, and CNG/KSP.