How to Create a CloudHSM Cluster on Amazon Web Services (AWS)

AWS CloudHSM runs in your own Amazon Virtual Private Cloud (VPC), so we can easily use HSMs with applications that run on Amazon EC2 instances. With CloudHSM, we can use standard VPC security controls to manage access to the HSMs. Applications connect securely and with better performance.

AWS CloudHSM automates time-consuming HSM administrative tasks, such as hardware provisioning, software patching, high availability, and backups.

  • Log in to the AWS portal.
  • Click on Services.


Fig 1


  • Under Security, Identity, & Compliance, select CloudHSM.


Fig 2


  • Click on Create a cluster.


Fig. 3


  • Create a VPC or select an existing one.
  • Create or select one subnet for each availability zone.


Fig. 4


  • We can create or restore a cluster from an existing backup.
  • Click on Next.


Fig. 5


  • Set the backup retention period between 7 and 379 days.
  • Click on Next.


Fig. 6


  • Provide a tag key name and value.
  • Click on Review.


Fig. 8


  • Review all cluster configurations.


Fig. 7


  • Click on Create Cluster.


Fig 10


  • After some time, the cluster appears in the "being created" state.



Create a CloudHSM cluster using the shell

aws cloudhsmv2 create-cluster --backup-retention-policy <value> --hsm-type <value> --source-backup-id <value> --subnet-ids <value>
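
The constraints from the console steps above (a retention period of 7 to 379 days, one subnet per availability zone) can be checked before the CLI call is made. The script below is an added example, not part of the original post; the function names are hypothetical, and the subnet IDs, zone names and the hsm1.medium type are constructed sample values.

```shell
#!/bin/sh
# Added example: check the wizard's constraints, then print the CLI call.
# Subnet IDs, AZ names and the hsm1.medium type are constructed sample values.

# Retention must be a whole number of days between 7 and 379.
valid_retention() {
  case "$1" in
    ''|*[!0-9]*) return 1 ;;
  esac
  [ "$1" -ge 7 ] && [ "$1" -le 379 ]
}

# Arguments are "subnet-id:az" pairs; fail if an availability zone repeats.
one_subnet_per_az() {
  seen=" "
  for pair in "$@"; do
    az="${pair#*:}"
    case "$seen" in
      *" $az "*) return 1 ;;
    esac
    seen="$seen$az "
  done
}

# Usage: build_create_cluster DAYS HSM_TYPE SUBNET:AZ [SUBNET:AZ ...]
# Prints the command for review instead of running it.
build_create_cluster() {
  [ "$#" -ge 3 ] || { echo "need DAYS, HSM_TYPE and a subnet" >&2; return 1; }
  days="$1"; hsm_type="$2"; shift 2
  valid_retention "$days" || { echo "retention must be 7-379 days" >&2; return 1; }
  one_subnet_per_az "$@" || { echo "two subnets share an AZ" >&2; return 1; }
  ids=""
  for pair in "$@"; do
    ids="$ids ${pair%%:*}"   # keep only the subnet ID
  done
  printf '%s\n' "aws cloudhsmv2 create-cluster --hsm-type $hsm_type --backup-retention-policy Type=DAYS,Value=$days --subnet-ids$ids"
}

# Constructed sample input: two subnets in two different zones.
build_create_cluster 30 hsm1.medium \
  subnet-0aaa1111:us-east-1a subnet-0bbb2222:us-east-1b
```

After the printed command has been reviewed and run, `aws cloudhsmv2 describe-clusters` reports the cluster state while it is being created.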

