To create a CloudHSM crypto user, do the following:

  1. Login as the CO admin:
    aws-cloudhsm> login CO admin <password>
    CODE
  2. Create an ejbca crypto user:
    aws-cloudhsm> createUser CU ejbca <password>
    CODE

  3. Use listUsers to see all users:
    aws-cloudhsm> listUsers
    aws-cloudhsm>listUsers
    Users on server 0(172.16.2.59):
    Number of users found:2
     
        User Id   User Type   User Name     MofnPubKey     LoginFailureCnt     2FA
             1         CO       admin            NO               0             NO
             2         CU       ejbca            NO               0             NO
    CODE
  4. Quit the client utility:
    aws-cloudhsm> quit
    CODE

    For more detailed user management, refer to the AWS CloudHSM documentation Managing HSM Users in AWS CloudHSM.