Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Connect to multiple AWS CloudHSM clusters

Focus mode
Connect to multiple AWS CloudHSM clusters - AWS CloudHSM

Each CloudHsmProvider represents a connection to your AWS CloudHSM Cluster. If you want to talk to another cluster from the same application, you can create another object of CloudHsmProvider with configurations for your other cluster and you can interact with this other cluster either using the provider object or using the provider name, as shown in the following example.

CloudHsmProviderConfig config = CloudHsmProviderConfig.builder() .withCluster( CloudHsmCluster.builder() .withHsmCAFilePath(hsmCAFilePath) .withClusterUniqueIdentifier("CloudHsmCluster1") .withServer(CloudHsmServer.builder().withHostIP(hostName).build()) .build()) .build(); CloudHsmProvider provider1 = new CloudHsmProvider(config); if (Security.getProvider(provider1.getName()) == null) { Security.addProvider(provider1); } CloudHsmProviderConfig config2 = CloudHsmProviderConfig.builder() .withCluster( CloudHsmCluster.builder() .withHsmCAFilePath(hsmCAFilePath2) .withClusterUniqueIdentifier("CloudHsmCluster2") .withServer(CloudHsmServer.builder().withHostIP(hostName2).build()) .build()) .build(); CloudHsmProvider provider2 = new CloudHsmProvider(config2); if (Security.getProvider(provider2.getName()) == null) { Security.addProvider(provider2); }

Once you have configured both the providers (both the clusters) above, you can interact with them either using the provider object or using the provider name.

Expanding upon this example that shows how to talk to cluster1, you could use the following sample for a AES/GCM/NoPadding operation:

Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", provider1);

And in the same application to do "AES" Key generation on the second cluster using the provider name, you could also use the following sample:

Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", provider2.getName());
PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.