Cloudhsm: HSMs are being rotated

We have a CloudHSM cluster with 2 HSM in different zones (azA and azB). We noticed that once in several days (sometimes once in 4 days, sometimes daily), the HSMs are being destroyed and then created back one by one, by the cloudhsm.amazonaws.com service. We thought that this undocumented behavior is expected during backup creation but according to audit logs, there are HSMs that are performing several (daily) backups before are being destroyed/rotated.

In the next graph, you can notice that HSM count raises to 3 during this "rotation" event. HSM coount

Could anyone explain if this is an expected behavior and what is the reason for this "rotation"? HSMs are not under load or temperature pressure at all.

Topics

Security, Identity, & Compliance

Relevant content

stop CloudHSM billing costs
rePost-User-8445084
asked a year ago
CloudHSM: SDK v5 Failover Issue
YK
asked a year ago
CloudHSM linking with DigiCert Authenticode certs after June 2023 requirement for HSMs
Dave Simmons
asked a year ago
Uninitialized cloudHSM cluster cost
Accepted Answer
ienugr
asked 5 months ago
How can I resolve connection issues between the CloudHSM client and the CloudHSM cluster?
AWS OFFICIALUpdated 6 months ago
I want to stop using the CloudHSM Classic service
AWS OFFICIALUpdated 3 years ago
Which CloudHSM certificates are used for the client-server end-to-end encrypted connection?
AWS OFFICIALUpdated 2 months ago
How do I restore a CloudHSM cluster from a previous backup?
AWS OFFICIALUpdated 6 months ago
Free AWS In-Person Training: Graviton Essentials Developer Day - New York
EXPERT
Markus Adhiwiyogo
published 10 months ago
Free AWS In-Person Training: Graviton Essentials Developer Day
EXPERT
Markus Adhiwiyogo
published a year ago