BYOK to KMS for less than 15$ a year - using AWS CloudHSM | Amazon Web Services

Опубликовано 22 ноября 2024, 18:39

Back in 2016, AWS Key Management Service (AWS KMS) announced the ability to bring your own keys (BYOK) for use with KMS-integrated AWS services and custom applications. This feature allows you more control over the creation, lifecycle, and durability of your keys. You decide the hardware or software used to generate the customer-managed AWS KMS key, you determine when or if the keys will expire, and you get to upload your keys only when you need them and delete them when you’re done. Using an on-premises HSM to create and back up your imported keys can become expensive. You have to plan for factors like the cost of the device itself, its storage in a datacenter, electricity, maintenance of the device, and network costs, all of which can add up. An on-premises HSM device could run upwards of $10K annually even if used sparingly, in addition to the cost of purchasing the device in the first place. Even if you’re only using the HSM for key creation and backup and don’t need it on an ongoing basis, you might still need to keep it running to avoid complex re-initialization processes. This is where AWS CloudHSM comes in.

CloudHSM offers HSMs that are under your control, in your virtual private cloud (VPC). You can spin up an HSM device, create your key material, export it, import it into AWS KMS for use, and then terminate the HSM (since CloudHSM saves your HSM state using secure backups). Because you’re only billed for the time your HSM instance is active, you can perform these steps for less than $15.00 a year!

Learn more at: go.aws/4118CN8

Subscribe to AWS: go.aws/subscribe

Sign up for AWS: go.aws/signup
AWS free tier: go.aws/free
Explore more: go.aws/more
Contact AWS: go.aws/contact

Next steps:
Explore on AWS in Analyst Research: go.aws/reports
Discover, deploy, and manage software that runs on AWS: go.aws/marketplace
Join the AWS Partner Network: go.aws/partners
Learn more on how Amazon builds and operates software: go.aws/library

Do you have technical AWS questions?
Ask the community of experts on AWS re:Post: go.aws/3lPaoPb

Why AWS?
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—use AWS to be more agile, lower costs, and innovate faster.

#KMS #CloudHSM #BYOK #AWS #AmazonWebServices #CloudComputing