Home › Forums › AWS › AWS Certified Solutions Architect Associate › cloudHSM zeroised doubt about the correct answer › Reply To: cloudHSM zeroised doubt about the correct answer
-
Hello Aryeh,
Good day!
Thank you for your feedback. You’ve raised some important points about CloudHSM clusters and their backup capabilities. However, let me clarify a few things regarding the specific scenario presented in the question.
The scenario explicitly states, “you did not have a copy of the keys stored anywhere else.” This indicates that no backups or synchronization to other devices were available at the time. Lastly, while it’s true that CloudHSM clusters feature daily automated encrypted backups, the short timeframe described (“You have launched the CloudHSM cluster but after just a few hours“) in the scenario suggests that no backup had yet been created, as AWS takes these backups every 24 hours. ( https://aws.amazon.com/cloudhsm/faqs/#:~:text=AWS%20takes%20automatic%20encrypted%20backups,adding%20or%20removing%20an%20HSM). )
Therefore, the correct answer is, “The keys are lost permanently if you do not have a copy.”
I hope this helps.
Regards,
Neil @ tutorials dojo