Announcing the new AWS CloudHSM. The new CloudHSM offers you cost effective hardware key management at cloud scale for sensitive and regulated workloads. You can now generate and use encryption keys using FIPS 140-2 Level 3 validated hardware security modules (HSMs) on the AWS Cloud. CloudHSM integrates with your applications using industry-standard APIs, such as PKCS#11, Java Cryptography Extensions (JCE), and Microsoft CryptoNG (CNG). It is also standards-compliant and enables you to export all of your keys to most other commercially-available HSMs. CloudHSM is a fully-managed service that automates time-consuming administrative tasks for you, such as hardware provisioning, software patching, high-availability, and backups. With CloudHSM, you can add and remove HSM capacity on-demand, with no up-front costs.