AWS cloudhsm medium security documentation change
Summary
Added explicit note that mTLS is not supported for AWS CloudHSM key stores used with AWS KMS
Security assessment
Clarifies security feature limitations by explicitly stating mTLS incompatibility with KMS integrations, preventing misconfigurations
Diff
diff --git a/cloudhsm/latest/userguide/getting-started-setup-mtls.md b/cloudhsm/latest/userguide/getting-started-setup-mtls.md index f0a1ab751..f83b781a7 100644 --- a//cloudhsm/latest/userguide/getting-started-setup-mtls.md +++ b//cloudhsm/latest/userguide/getting-started-setup-mtls.md @@ -9 +9,10 @@ Step 1. Create and register a trust anchor onto the HSMStep 2. Enable mTLS for A -The following topics describe the steps that you must complete to enable the mutual TLS (mTLS) between client and AWS CloudHSM. Currently this feature is exclusively available on hsm2m.medium. For more information about HSM type, see [AWS CloudHSM cluster modes](./cluster-hsm-types.html) . +The following topics describe the steps that you must complete to enable the mutual Transport Layer Security (mTLS) between client and AWS CloudHSM. + +###### Considerations + + * Currently this feature is exclusively available on hsm2m.medium. For more information about HSM type, see [AWS CloudHSM cluster modes](./cluster-hsm-types.html). + + * mTLS is not supported for AWS CloudHSM key stores used with AWS Key Management Service. + + +