ENTERPRISE This is an EJBCA Enterprise feature.
AWS Cloud HSM is a cloud-based HSM service in the Amazon Web Services. The CloudHSM uses FIPS 140-2 Level 3 certified Cavium/Marvell HSMs in the backend and is accessible using the PKCS#11 API. Custom modules are needed for full EJBCA support of the CloudHSM, and this is supported in the EJBCA Cloud.
For step-by-step instructions on how to integrate EJBCA Enterprise Cloud with AWS CloudHSM, see the AWS CloudHSM Integration Guide.
Using PKCS#11 NG in EJBCA 7.5.0 and later has good support for AWS CloudHSM, including key generation in the Admin UI.