AWS CloudHSM clusters
Making individual HSMs work together in a synchronized, redundant, and highly-available way can be difficult, but AWS CloudHSM does the heavy lifting for you by providing hardware security modules (HSMs) in clusters. A cluster is a collection of individual HSMs that AWS CloudHSM keeps in sync. When you perform a task or operation on one HSM in a cluster, the other HSMs in that cluster are automatically kept up to date.
AWS CloudHSM offers clusters in two modes: FIPS and non-FIPS. In FIPS mode, only Federal Information Processing Standard (FIPS) validated keys and algorithms can be used. Non-FIPS mode offers all the keys and algorithms that are supported by AWS CloudHSM, regardless of FIPS approval. AWS CloudHSM also offers two types of HSMs: hsm1.medium and hsm2m.medium. For details on the differences between each HSM type and cluster mode, see AWS CloudHSM cluster modes.
To meet your availability, durability, and scalability goals, you set the number of HSMs in your cluster across multiple Availability Zones. You can create a cluster that has 1 to 28 HSMs (the default limit is 6 HSMs per AWS account per AWS Region). You can place the HSMs in different Availability Zones.
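The following audit is an added example, not AWS code: it checks how each cluster's HSMs are spread across Availability Zones and compares the HSM count with the limits stated above. The input is a constructed sample shaped like `aws cloudhsmv2 describe-clusters` output for one Region, and the policy of requiring at least two active HSMs in two Availability Zones is this example's assumption.

```python
import json
from collections import Counter

MAX_HSMS_PER_CLUSTER = 28   # from the page: a cluster has 1 to 28 HSMs
DEFAULT_REGION_LIMIT = 6    # from the page: default limit per account per Region

# Constructed sample (IDs are placeholders), one Region's describe-clusters output.
SAMPLE = json.loads("""
{"Clusters": [
  {"ClusterId": "cluster-example1", "HsmType": "hsm2m.medium", "Mode": "FIPS",
   "Hsms": [
     {"HsmId": "hsm-a1", "AvailabilityZone": "us-east-1a", "State": "ACTIVE"},
     {"HsmId": "hsm-a2", "AvailabilityZone": "us-east-1b", "State": "ACTIVE"}]},
  {"ClusterId": "cluster-example2", "HsmType": "hsm1.medium", "Mode": "NON_FIPS",
   "Hsms": [
     {"HsmId": "hsm-b1", "AvailabilityZone": "us-east-1a", "State": "ACTIVE"},
     {"HsmId": "hsm-b2", "AvailabilityZone": "us-east-1a", "State": "ACTIVE"},
     {"HsmId": "hsm-b3", "AvailabilityZone": "us-east-1c", "State": "DEGRADED"}]},
  {"ClusterId": "cluster-example3", "HsmType": "hsm1.medium", "Mode": "FIPS",
   "Hsms": [
     {"HsmId": "hsm-c1", "AvailabilityZone": "us-east-1b", "State": "ACTIVE"}]}
]}
""")

def audit(response, region_limit=DEFAULT_REGION_LIMIT):
    """Return {cluster_id: [findings]} plus a "_region" entry for the quota."""
    findings, total = {}, 0
    for cluster in response["Clusters"]:
        hsms = cluster.get("Hsms", [])
        total += len(hsms)
        # Only ACTIVE HSMs are counted toward redundancy (assumed policy).
        active_az = Counter(h["AvailabilityZone"] for h in hsms
                            if h["State"] == "ACTIVE")
        active = sum(active_az.values())
        issues = []
        if active < 2:
            issues.append(f"{active} active HSM(s): no redundancy")
        elif len(active_az) < 2:
            issues.append(f"all {active} active HSMs in {next(iter(active_az))}")
        if len(hsms) > MAX_HSMS_PER_CLUSTER:
            issues.append(f"{len(hsms)} HSMs exceeds the cluster maximum")
        findings[cluster["ClusterId"]] = issues
    # The default limit applies to the account's HSMs across all clusters in a Region.
    findings["_region"] = ([f"{total} HSMs at or above the limit of {region_limit}"]
                           if total >= region_limit else [])
    return findings

if __name__ == "__main__":
    for name, issues in audit(SAMPLE).items():
        print(name, issues or "ok")
```

To run it against a real account, replace `SAMPLE` with the parsed JSON that `aws cloudhsmv2 describe-clusters` returns for the Region being audited.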
For more information about clusters, see Clusters in AWS CloudHSM.
To create a cluster, see Getting started.