The illustrations for the different HSM modules were very helpful. One item I think is worth adding is how to ensure you have high availability. One of the first steps is to create the "HSM Cluster." However, if you only deploy one HSM instance then you have a SPOF. The documentation recommends deploying two HSM instances in different AZs.
In one of the first steps where the UI indicated there were no HSMs available in the AZ chosen it would be important to then add another subnet in an AZ where there is another HSM available. Otherwise I believe you would be at risk of not being able to automatically recover from an AZ failure making your single HSM instance unavailable.
Some users might infer that by creating an "HSM Cluster" you’re automatically getting an HA solution.