What is AWS CloudHSM? - AWS CloudHSM

What is AWS CloudHSM?

AWS CloudHSM provides customers with hardware security modules (HSMs) in the AWS Cloud. A hardware security module is a computing device that processes cryptographic operations and provides secure storage for cryptographic keys.

When you use an HSM from AWS CloudHSM, you can perform a variety of cryptographic tasks:

  • Generate, store, import, export, and manage cryptographic keys, including symmetric keys and asymmetric key pairs.

  • Use symmetric and asymmetric algorithms to encrypt and decrypt data.

  • Use cryptographic hash functions to compute message digests and hash-based message authentication codes (HMACs).

  • Cryptographically sign data (including code signing) and verify signatures.

  • Generate cryptographically secure random data.

If you want a managed service for creating and controlling your encryption keys but you don't want or need to operate your own HSM, consider using AWS Key Management Service.

To learn more about what you can do with AWS CloudHSM, see the following topics. When you are ready to get started with AWS CloudHSM, see Getting started.