1. Home
  2. Training Library
  3. Amazon Web Services
  4. Courses
  5. Getting started with AWS CloudHSM

Introduction to CloudHSM

The course is part of these learning paths

Security - Specialty Certification Preparation for AWS
course-steps 22 certification 1 lab-steps 11
AWS Security Services
course-steps 9 certification 1 lab-steps 4 quiz-steps 5
AWS Access & Key Management Security
course-steps 6 certification 1 lab-steps 2 quiz-steps 3


Start course


Course Description:

AWS CloudHSM is the name of Amazon’s original encryption key solution. HSM stands for Hardware Security Module and in the solution provided by AWS is a Safenet Luna appliance hosted at AWS. The appliance is single tenant and exclusive to each customer. AWS only manages the hardware and base operation but does not manage the keys or even have the ability to access the key management system within the HSM.

Intended Audience:

  • Anyone that needs to know more about the Amazon Hardware Security Module branded CloudHSM that is provided as a dedicated hardware appliance.
  • Anyone preparing for an Amazon Certifications as well as security officers that have a responsibility to ensure data is protected in an environment at Amazon Web Services.


  • Due to the advanced nature of the CloudHSM topic this course is not designed to be your first course about Amazon Web Services. 
  • It is a very good idea to complete the Key Management Service course if you are trying to make a decision between the two encryption offerings.

Learning Objectives:

  • To teach you the basics of AWS CloudHSM
  • What it will cost to implement
  • Comparison of KMS to AWS CloudHSM
  • How to implement a key and encrypt data
  • Which services can be used with CloudHSM
  • Why you might use AWS CloudHSM
  • Other uses for AWS CloudHSM

What you'll learn:

  • CloudHSM Basics: An overview of CloudHSM basics, along with terminally, and use cases.
  • What is CloudHSM: In this very detailed lesson, the presentation includes information about performance, scalability, availibility, costs, and best practices.
  • CloudHSM Operations: How to set-up the HSM conrtoller as well as how to provision and deprovision HSM.

About the Author

Tom an active AWS Consultant creating and deploying AWS solutions for over five years. He has worked on numerous projects that involve everything from small lean startups on a tight budget to massive commercial Enterprises that have large-scale budgets with large-scale requirements that must be met even no matter the cost. Tom has worked for several of our United States government agencies taking the agencies to the cloud by migrating solutions from on-premise data centers to the AWS cloud in a secure solution while reducing their overall cost to operate and maintain the solution.

Personally Tom spends his available time riding his bicycle, sampling a good wine or two, enjoying a good meal and watching Formula One races.