Your suggested change has been received. Thank you.


Suggest A Change….


CCKM Administration

AWS CloudHSM Key Store Resources


Please Note:

AWS CloudHSM Key Store Resources

Within AWS CloudHSMs, AWS provides cloud-based hardware security modules (HSMs), which are used to perform cryptographic operations and store cryptographic keys securely. Using an AWS CloudHSM, you can create and control your encryption keys within the AWS Cloud. The HSMs reside in a cluster of HSMs, which are automatically synchronized whenever an operation is performed on one. You own and manage these HSMs as a single-tenant user of the device, which you run on your own AWS Virtual Private Cloud (VPC).

In this documentation, AWS CloudHSM is also referred to as AWS CloudHSM key store.

CCKM integration with AWS CloudHSM enables you to perform the following from the CCKM UI:

  • Create and manage CloudHSM key stores

  • Connect to a CloudHSM key store

  • Create and manage CloudHSM keys

Prerequisites for AWS CloudHSM

Prior to creating an AWS CloudHSM key store from CCKM, ensure to perform the prerequisite steps within AWS. For more information, refer to AWS CloudHSM documentation including the AWS Key Management Service Developer Guide and AWS CloudHSM User Guide.

Setting up a CloudHSM Key Store from CCKM

After you have performed the prerequisite steps including creating an AWS CloudHSM cluster, proceed to CCKM to create a CloudHSM key store and then connect it to the cluster you wish to use for this key store.

To set up a CloudHSM key store:

  1. From CCKM, create a key store of type CloudHSM. See Create a CloudHSM Key Store.

  2. From CCKM, connect your CloudHSM key store to its associated AWS CloudHSM cluster. See Connect to a CloudHSM Key Store.