What features does AWS CloudHSM have?

Below are the top features of AWS CloudHSM.

  • AWS CloudHSM has a dedicated hardware appliance in AWS cloud for key storage. This key storage is only accessible by the customer, allowing users to manage keys and not have to worry about the CSP having access to the keys.
  • AWS CloudHSM is FIPS 140-2 Level 3 compliant and supports symmetric and asymmetric keys. It also supports 2048-bit to 4096-bit RSA keys, in increments of 256 bits, 128, 192, and 256-bit AES keys, 3DES 192-bit keys, and keys with the P-224, P-256, P-384, P-521, and secp256k1 curves. Only the P-256, P-384, and secp256k1 curves are supported for sign and verify.
  • AWS CloudHSM is capable of key management, key storage and auditing, and being provided as the root of trust for PKIs.