Keys in AWS CloudHSM

Before you can use your AWS CloudHSM cluster for cryptoprocessing, you must create users and keys on the hardware security modules (HSM) in your cluster.

In AWS CloudHSM, use any of the following to manage keys on the HSMs in your cluster:

PKCS #11 library
JCE provider
CNG and KSP providers
CloudHSM CLI

Before you can manage keys, you must log in to the HSM with the user name and password of a crypto user (CU). Only a CU can create a key. The CU who creates a key owns and manages that key.

See the following topics for more information about managing keys in AWS CloudHSM.

Topics

Key sync and durability
AES key wrapping
Trusted keys
Key management with CloudHSM CLI
Key management with KMU

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Change the minimum value

Key sync and durability