Cloud HSM: How to auto sync keys, users, policies between two separate HSM clusters (within region or outside region)

0

I have a high performance requirement for the data encryption. Within a single region, we would like to set up a two HSM clusters each with more than 10 HSMs. But all HSMs has to have all same keys, users and policies. I am aware about cross-region data replication through AWS backup to replicate HSMs data but let me know if there is any other good approach to replicate HSMs data across multiple clusters. These clusters can be set up within the same region or outside region.

kp
asked a year ago336 views
1 Answer
3

Like most AWS resources, clusters and HSMs are regional resources. To create HSMs in multiple Regions, you must first create a cluster in each Region. You cannot reuse or extend a cluster across Regions. https://docs.aws.amazon.com/cloudhsm/latest/userguide/regions.html

A good approach to replicate HSMs data across multiple clusters will be to clone an AWS CloudHSM cluster across regions following the steps listed here: https://aws.amazon.com/blogs/security/how-to-clone-an-aws-cloudhsm-cluster-across-regions/

AWS
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions