From the course: Complete Guide to AWS Security and Compliance Management
Join today to access over 24,900 courses taught by industry experts.
Understanding AWS CloudHSM - Amazon Web Services (AWS) Tutorial
From the course: Complete Guide to AWS Security and Compliance Management
Understanding AWS CloudHSM
- [Instructor] While KMS is a wonderful tool for managing encryption keys, the Cloud Hardware Security Module offers a greater level of customer control. If your organization requires more flexibility than what KMS offers, CloudHSM provides a viable alternative. Let's explore the compelling advantages CloudHSM provides when compared with KMS. First off, while KMS is based on the shared hardware model that makes the public cloud possible, cloud HSM is delivered via a single-tenant access to a dedicated, highly-available cluster. With KMS, you have the option of creating your own encryption keys or letting AWS do that for you. However, CloudHSM works only with keys that you create. This gives you greater control, as AWS has no access to the keys that you've created. While KMS is FIPS 140-2-compliant, CloudHSM goes even further by being Level 3-compliant. If you run workloads that require that additional level of compliance, the only way to get there in AWS is with CloudHSM. CloudHSM…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
-
Understanding Amazon Macie3m 11s
-
Configuring a Macie job9m 25s
-
(Locked)
Exploring Macie results2m 53s
-
(Locked)
Understanding Key Management Service3m 41s
-
(Locked)
Creating a KMS key5m 8s
-
(Locked)
Creating a multi-region KMS key4m 14s
-
(Locked)
Using a KMS in S35m 43s
-
(Locked)
Using KMS and an IAM role7m 31s
-
(Locked)
Automating KMS key rotation4m 21s
-
(Locked)
Deleting a KMS key6m 10s
-
(Locked)
Enabling EBS default encryption8m 11s
-
(Locked)
Understanding Secrets Manager2m 14s
-
(Locked)
Using Secrets Manager5m 18s
-
(Locked)
Enabling autorotation with Secrets Manager7m 58s
-
(Locked)
Creating a multi-region secret4m 10s
-
(Locked)
Deleting a Secrets Manager secret5m 59s
-
(Locked)
Understanding AWS CloudHSM2m 38s
-
(Locked)
Understanding Systems Manager3m 44s
-
(Locked)
Implementing Systems Manager3m 52s
-
(Locked)
Resolving compliance with Systems Manager5m 16s
-
(Locked)
Creating Resource Groups3m 9s
-
(Locked)
Patching with Systems Manager3m 46s
-
(Locked)
Understanding Incident Manager2m 38s
-
(Locked)
Using Parameter Store4m 2s
-
(Locked)
Understand Certificate Manager4m
-
(Locked)
Creating a private certificate authority4m 52s
-
(Locked)
Creating a private certificate2m 40s
-
(Locked)
Using a private certificate6m 43s
-
(Locked)
Understanding Payment Cryptography4m 51s
-
(Locked)
Challenge: KMS1m 28s
-
(Locked)
Solution: KMS5m 34s
-
-
-
-