AWS Certified Cloud Practitioner

Sign Up Free or Log In to participate!

CloudHSM recovery options or single point of failure?

With CloudHSM, I’m assuming the hardware is a single point of failure? If lost, or damaged I’m assuming a new device must be issued and new keys generated, or does the fact that the hardware maintaining the private key, once lost, means you’re unable to decrypt data in order to make use of a new CloudHSM?

1 Answers

It is advised that you create CloudHSM in a highly available design to avoid having a single point of failure. You can do so by creating a CloudHSM cluster which spreads your CloudHSM instances in more than availability zones with your VPC. Here is the link to AWS documentation with the explanations

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?