HSM types in AWS CloudHSM

AWS CloudHSM also offers two hardware security module (HSM) types: hsm1.medium and hsm2m.medium. Review the details on this page before deciding which HSM type is right for your needs.

In addition to cluster modes, AWS CloudHSM offers two HSM types: hsm1.medium and hsm2m.medium. Each HSM type uses different hardware, and each cluster can only contain one type of HSM. The following table lists the major differences between the two:

Differentiating feature	hsm1.medium	hsm2m.medium
Cluster mode compatibility	Available for clusters in FIPS mode.	Available for clusters in FIPS or non-FIPS mode.
Network type compatibility	Not available	Available for clusters in FIPS or non-FIPS mode.
Backup compatibility	Can be used to backup and restore to hsm1.medium and hsm2m.medium clusters in FIPS mode.	Can only be used to backup and restore hsm2m.medium clusters.
Key capacity	3,300 per cluster.	16,666 total keys, with asymmetric keys having a maximum of 3,333 per cluster.
Client SDKs	Supports all Client SDKs.	Supports all Client SDKs.
Client SDK versions	Compatible with SDK version 3.1.0 and later.	Compatible with Client SDK version 5.12.0 and later.
Region availability	Available in all regions that CloudHSM is available.	Currently available in: US East (N. Virginia) (`us-east-1`) US East (Ohio) (`us-east-2`) US West (Oregon) (`us-west-2`) Europe (Ireland) (`eu-west-1`) Additional regions coming soon.
Performance	To see the performance of each HSM type, refer to AWS CloudHSM performance information.
Certification	FIPS 140-2, PCI DSS, PCI PIN, SOC2, and PCI-3DS compliant.	FIPS 140-3, PCI DSS, and PCI PIN compliant.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Cluster modes

Connecting to the cluster