Just wanted to note that AWS KMS is FIPS 140-2 compliant according to the documentation
2 Answers
You’re definitely right; KMS is now FIPS 140-2 Level 2 compliant, which isn’t reflected in the video with the table. This makes a pretty big difference since you don’t need to be spending $1,000~ per month just for compliance purposes with CloudHSM. There are still plenty of reasons why CloudHSM can be necessary for particular customers, but it’s important to know which service fits the need best.
Thanks for letting us know about this, I’ll pass it along to our instructor
Feedback can also be submitted directly to us through our Contact Support form, where one of our technical team members will respond and assess what we need to do to update our content
Thought I’d pass along this additional info:
It goes into detail regarding the HSM, how it functions, and what components are rated at what level. It’s pretty "deep in the weeds" but also has a picture of what AWS’ HSMs look like.
https://aws.amazon.com/blogs/security/aws-key-management-service-now-offers-fips-140-2-validated-cryptographic-modules-enabling-easier-adoption-of-the-service-for-regulated-workloads/