Best practices

CloudHSM Cluster has only one availability zone

Risk Level

Informational (4)

Platform(s)

Description

AWS CloudHSM is a cloud-based hardware security module (HSM) that enables you to generate and use your own encryption keys. It was detected that the CloudHSM Cluster '{AwsCloudHsmV2Cluster}' has only one availability zone, thereby allowing the creation of a single point of failure.
  • Recommended Mitigation

    Since you cannot change the Availability Zones configuration after a cluster is created, it is recommended to create a new CloudHSM Cluster with multiple Availability Zones to maximize durability and availability.