Key management with the AWS CloudHSM KMU
If using the latest SDK version series, use CloudHSM CLI to manage the keys in your AWS CloudHSM cluster.
If using the previous SDK version series, you can manage keys on the hardware security modules (HSM) in your AWS CloudHSM cluster using the key_mgmt_util (KMU) command line tool. Before you can manage keys, you must start the AWS CloudHSM client, start key_mgmt_util, and log in to the HSMs. For more information, see Getting Started with key_mgmt_util.
-
Using trusted keys describes how to use PKCS #11 library attributes and CMU to create trusted keys to secure data.
-
Generating keys has instructions on generating keys, including symmetric keys, RSA keys, and EC keys.
-
Importing keys provides details on how key owners import keys.
-
Exporting keys provides details on how key owners export keys.
-
Deleting keys provides details on how key owners delete keys.
-
Sharing and unsharing keys details how key owners share and unshare keys.