HSM users in AWS CloudHSM

Before you can use your AWS CloudHSM cluster for cryptoprocessing, you must create users and keys on the hardware security modules (HSM) in your cluster.

Note

HSM users are distinct from IAM users. IAM users who have the correct credentials can create HSMs by interacting with resources through the AWS API. After the HSM is created, you must use HSM user credentials to authenticate operations on the HSM.

In AWS CloudHSM, you must use CloudHSM CLI or CloudHSM Management Utility (CMU) command line tools to create and manage the users on your HSM. CloudHSM CLI is designed to be used with the latest SDK version series, while the CMU is designed to be used with the previous SDK version series.

See the following topics for more information about managing HSM users in AWS CloudHSM. You can also learn how to use quorum authentication (also known as M of N access control).

Topics

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Creating clusters from backups

User management with CloudHSM CLI