Certified Security - Specialty

Sign Up Free or Log In to participate!

Feedback on cluster activation

Hi Ryan,

Did you mean to skip the creation of the CO user? You mention you were going to do so, then the video skips ahead to a point where the CO is already created.




This one didn’t work for me, and now I’m getting this message: Server 0( is in restricted mode, cannot login!

Joel Rosado

I found that rerunning enable_e2e allowed me to clear the restricted mode message

2 Answers

Looks like the PRECO user is used for login, then the command

createUser CO admin acloudguru123!! 

is executed to create the user


For more information, see page 135 of the CloudHSM guide, it’s in the resources section.


Actually, that’s the step afterwards. To convert the PRECO user to a CO user, change the password for the PRECO user. https://docs.aws.amazon.com/cloudhsm/latest/userguide/hsm-users.html


Scott thanks for the tips and link above. I tried chaning changePswd as you suggested on my PRECO account but it said "Invalid user type specified to change password" when I run the listUser command I only see PRECO and AU, no CO user. I believe that Ryan said (not sure) that only CO can do account maintenance ,so if this is correct how I would be able to create the CO account? Thanks for your assistance.

Ryan O’Donnell

After you change your PRECO user password it becomes a CO

I just found out the answer to my question 🙂

To create the CO user you will need to do the following

1) you are login in your CloudHSM as PRECO

2) aws-cloudhsm>changePswd PRECO admin
Answer "y" and you should see a changing password message that the password has been changed

3) if run the command listUsers you should now see the new CO account and the AU user

Scott’s link above will take you to the document.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?