Manage MFA for HSM users using CloudHSM CLI - AWS CloudHSM

For increased security, you can configure multi-factor authentication (MFA) for users to help protect the AWS CloudHSM cluster.

When you log in to a cluster with an MFA-enabled hardware security module (HSM) user account, you provide the CloudHSM CLI with your password—the first factor, what you know—and the CloudHSM CLI then gives you a token and prompts you to have it signed.

To provide the second factor—what you have—you sign the token with a private key from a key pair you've already created and associated with the HSM user. To access the cluster, you provide the signed token to CloudHSM CLI.
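The sign-the-token exchange described above, sketched with openssl as an added example (not AWS's code and not the CloudHSM CLI's actual token format). The RSA-2048 key type, SHA-256 signature, random 32-byte token, and all file and function names are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added illustration of sign-the-token MFA using openssl.
# Assumptions (not from the page): RSA-2048 keys, SHA-256 signatures, a
# random 32-byte token, and all file and function names. The real token
# and its format come from CloudHSM CLI.

# Enrollment: create the key pair. The private key stays with the user;
# only the public key is associated with the account.
mfa_enroll() {  # $1 = working directory
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$1/mfa_private.pem" 2>/dev/null &&
  chmod 600 "$1/mfa_private.pem" &&
  openssl pkey -in "$1/mfa_private.pem" -pubout -out "$1/mfa_public.pem"
}

# Verifier side: issue a fresh, unpredictable token for this login attempt.
mfa_issue_token() {  # $1 = token file
  openssl rand -out "$1" 32
}

# User side: prove possession of the private key by signing the token.
mfa_sign() {  # $1 = dir, $2 = token file, $3 = signature file
  openssl dgst -sha256 -sign "$1/mfa_private.pem" -out "$3" "$2"
}

# Verifier side: accept only a valid signature over the token just issued.
mfa_verify() {  # $1 = dir, $2 = token file, $3 = signature file
  openssl dgst -sha256 -verify "$1/mfa_public.pem" -signature "$3" "$2" \
    >/dev/null 2>&1
}

demo() {
  local d; d=$(mktemp -d) || return 1
  mfa_enroll "$d" && mfa_issue_token "$d/token1" &&
    mfa_sign "$d" "$d/token1" "$d/sig1" || { rm -rf "$d"; return 1; }
  mfa_verify "$d" "$d/token1" "$d/sig1" && echo "login 1: signed token accepted"
  # A signature captured from login 1 is useless against the next token.
  mfa_issue_token "$d/token2"
  mfa_verify "$d" "$d/token2" "$d/sig1" || echo "login 2: old signature rejected"
  rm -rf "$d"
}
demo
```

Because each login gets a new token, the password alone or a previously captured signature is not enough; the private key has to be present at login time, which is why it should be stored separately from the password.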

For more information on setting up MFA for a user, see Set up MFA for CloudHSM CLI.

The following topics provide more information about working with quorum authentication in AWS CloudHSM.