You are attempting to deploy CA Privileged Access Manager v4.3.0 FIPS-GA in AWS GovCloud using the AMI that Broadcom made available in your AWS account, but the instance consistently shuts itself down during boot.

The problem was in the launch configuration, explicitly specifying encrypted EBS volumes in the block-device-mappings parameter.

Removing the block-device-mappings parameter and allowing the AMI to use its default volume configuration resolved the problem. Instances boot successfully and stay running.

PAM has built-in disk encryption to protect the data on disk. It is not possible to attach the disk to another server and read it.