Migrate from Client SDK 3 CMU and KMU to Client SDK 5 CloudHSM CLI - AWS CloudHSM

Migrate from Client SDK 3 CMU and KMU to Client SDK 5 CloudHSM CLI

Use this topic to migrate workflows that use the Client SDK 3 command line tools, the CloudHSM Management Utility (CMU) and the Key Management Utility (KMU), to instead use the Client SDK 5 command line tool, CloudHSM CLI.

In AWS CloudHSM, customer applications perform cryptographic operations using the AWS CloudHSM Client Software Development Kit (SDK). Client SDK 5 is the primary SDK that continues to have new features and platform support added to it. This topic provides details specific to migrating from Client SDK 3 to Client SDK 5 for command line tools.

Client SDK 3 includes two separate command line tools: the CMU for managing users and the KMU for managing keys and performing operations with keys. Client SDK 5 consolidates the functions of the CMU and KMU (tools that were offered with Client SDK 3) into a single tool, the CloudHSM Command Line Interface (CLI). User management operations can be found under the subcommands user and quorum. Key management operations can be found under the key subcommand, and cryptographic operations can be found under the crypto subcommand. See Reference for CloudHSM CLI commands for a complete list of commands.

Note

If in Client SDK 3 you relied on syncUser functionality for cross-cluster synchronization, continue to use the CMU. CloudHSM CLI in Client SDK 5 does not currently support this functionality.

For instructions on migrating to Client SDK 5, see Migrating from Client SDK 3 to Client SDK 5. For benefits on migrating, see Benefits of Client SDK 5.