Best practices

CloudHSM Cluster has only one availability zone

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

AWS CloudHSM is a cloud-based hardware security module (HSM) that enables you to generate and use your own encryption keys. It was detected that the CloudHSM Cluster '{AwsCloudHsmV2Cluster}' has only one availability zone, thereby allowing the creation of a single point of failure.

  • Recommended Mitigation

    Since you cannot change the Availability Zones configuration after a cluster is created, it is recommended to create a new CloudHSM Cluster with multiple Availability Zones to maximize durability and availability.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.