Home icon

How to manage migration of hsm1.medium CloudHSM clusters to hsm2m.medium

Security Blog

This article provides a comprehensive guide for migrating AWS CloudHSM clusters from hsm1.medium to hsm2m.medium instance type before the hsm1 deprecation on December 1, 2025.

  • Key improvements in hsm2m.medium include FIPS 140-3 Level 3 support, increased storage capacity, and mutual TLS support
  • Two primary migration approaches are discussed: customer-triggered and customer-managed
  • Two blue/green deployment strategies are recommended for high availability during migration:
    • Approach 1: Using load balancer to route traffic
    • Approach 2: Using multi-cluster configuration
  • Important considerations include backup retention, client SDK upgrades, and monitoring application performance
  • Key synchronization methods are provided for different migration scenarios

The article emphasizes the importance of careful planning, monitoring, and having rollback strategies during the CloudHSM migration process.

Go to article

The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.

Related articles

Apr 20
2026
How to clone an AWS CloudHSM cluster across Regions
Aug 20
2024
AWS CloudHSM launches new hsm2m.medium instance type
Sep 26
2024
How to migrate 3DES keys from a FIPS to a non-FIPS AWS CloudHSM cluster
Feb 6
2024
How to migrate asymmetric keys from CloudHSM to AWS KMS

The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.