Getting Started with AWS CloudHSM | Scribe

    Getting Started with AWS CloudHSM

    • Hafeez Baig |
    • 9 steps |
    • 57 seconds

    Refer to the following guide to learn how to use IAM in the cloud: <https://scribehow.com/shared/Creating_an_IAM_User_and_User_Group_in_AWS_Management_Console__hWNiiXlcRJKFqYZZEJD-cg>

    1

    Sign in to the **AWS Management Console** as an **IAM User**. **Pre-requisite**: Ensure you have selected the AWS region closest to your location. For this guide, we will be using us-east-2 (Ohio) as a preferred choice.

    2

    Type **CloudHSM** in the search bar and click on **CloudHSM** to view the CloudHSM page


    **What is CloudHSM in AWS?** AWS CloudHSM (Hardware Security Module) is a cloud-based service that provides secure cryptographic key storage and operations using dedicated Hardware Security Modules (HSMs). These HSMs are physical devices that are tamper-resistant and specifically designed to securely store cryptographic keys and perform cryptographic operations.

    3

    On the AWS CloudHSM page, click the **Create cluster** button on the right side


    **What is a cluster?** In AWS CloudHSM, a cluster refers to a group of one or more Hardware Security Modules (HSMs) working together within a single logical unit. When you create a CloudHSM cluster, you are essentially setting up a dedicated environment for cryptographic key storage and operations.

    4

    The **Cluster configuration** wizard will open. Select the VPC for the CloudHSM cluster

    5

    Scroll to the **Availability Zone** section and select the subnets in the region

    6

    Scroll to the **Cluster source** section, select the option **Create a new cluster**, and click the **Next** button to create a new cluster

    7

    You can also create a CloudHSM cluster from the Key Management Service. Type **Key Management Service** in the search bar and click on **Key Management Service** to view the Key Management Service page


    **What is a Key Management Service in AWS?** Key Management Service (KMS) in AWS is a managed service that enables you to create and control the encryption keys used to encrypt your data. It provides a centralized key management system that simplifies the process of creating, rotating, and managing encryption keys for AWS services and your own applications.

    8

    On the **Key Management Service** dashboard, click **AWS CloudHSM key stores** in the left bar


    **What are AWS CloudHSM key stores?** AWS CloudHSM key stores refer to the secure storage locations within the AWS CloudHSM service where cryptographic keys are stored and managed. These key stores are essentially partitions within the HSM hardware where keys are securely stored and operations related to those keys are performed.

    9

    The **AWS CloudHSM key stores** wizard will open. Click on the **AWS CloudHSM** link


    Congratulations on completing the lab and getting started with AWS CloudHSM! Well done!
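
Steps 4 to 6 can also be run from the AWS CLI. The script below is an added example, not part of the original guide: before calling `aws cloudhsmv2 create-cluster` it checks that the chosen subnets share one VPC and that each sits in a different Availability Zone, which CloudHSM requires of cluster subnets. The HSM type `hsm1.medium` and the function names are assumptions, and you supply the subnet IDs.

```shell
#!/usr/bin/env bash
# Added example: CLI equivalent of console steps 4-6 (VPC, subnets, new cluster).

REGION="us-east-2"        # region used in this guide
HSM_TYPE="hsm1.medium"    # assumption: the guide does not name an HSM type

# Reads "subnet-id vpc-id availability-zone" rows on stdin and enforces the
# CloudHSM placement rules: all subnets in one VPC, one subnet per AZ.
# Problems are reported on stderr; the return status is non-zero on any failure.
check_subnet_rows() {
  awk '
    NF != 3     { print "malformed row: " $0; bad = 1; next }
    vpc == ""   { vpc = $2 }
    $2 != vpc   { print $1 " is in " $2 ", expected " vpc; bad = 1 }
    seen[$3]++  { print $1 " reuses Availability Zone " $3; bad = 1 }
    END {
      if (NR == 0) { print "no subnets given"; bad = 1 }
      exit bad
    }
  ' >&2
}

# Looks up the given subnets, validates them, then creates the cluster and
# prints its ID and state.
create_cluster() {
  aws ec2 describe-subnets --region "$REGION" --subnet-ids "$@" \
      --query 'Subnets[].[SubnetId,VpcId,AvailabilityZone]' --output text |
    check_subnet_rows || return 1
  aws cloudhsmv2 create-cluster --region "$REGION" \
      --hsm-type "$HSM_TYPE" --subnet-ids "$@" \
      --query 'Cluster.[ClusterId,State]' --output text
}

# Runs only when subnet IDs are passed on the command line, for example:
#   ./create-cluster.sh <subnet-id-1> <subnet-id-2>
if [ "$#" -gt 0 ]; then create_cluster "$@"; fi
```

A new cluster contains no HSMs yet; it still has to be initialized and have an HSM added before it can serve keys.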