CLIENT AREACall Us 1-800-383-5193


Call Us 1-800-383-5193


Call Us 1-800-383-5193

Need help?

Our experts have had an average response time of 13.52 minutes in October 2021 to fix urgent issues.

We will keep your servers stable, secure, and fast at all times for one fixed price.

Stop using the CloudHSM classic services – Three easy steps

by | Oct 21, 2021

Wondering how to stop using the CloudHSM classic services? We can help you.

Here, at Bobcares, we assist our customers with several AWS queries as part of our AWS Support Services.

Today, let us see how we can stop using CloudHSM Classic and confirm that we are not billed for further usage.


Stop using the CloudHSM classic services

Recently we had a customer who didn’t want to use AWS CloudHSM Classic anymore.

We can also decide not to use it after the trial period expires.

Our Support Techs recommend the steps below to stop using it and avoid unnecessary charges:

  1. Delete logs on the HSM appliance.
  2. Zeroize the HSM appliance.
  3. De-provision the HSM appliance.

Now, let us see how our Support Techs perform each of these in detail.

  • Delete the logs on the HSM appliance

1. Initially, from the Luna shell, we rotate all logs. To do so, we run:

lunash:> syslog rotate

2. Then to delete all logs we run:

lunash:> syslog cleanup

However, make note that deleting the AWS CloudFormation stack does not delete the CloudHSM Classic device.

Until and unless the CloudHSM Classic device is no longer in the account, do not delete the elastic network interface for the CloudHSM Classic device.

In addition, to avoid errors while running AWS CLI commands, we make sure to use the most recent AWS CLI version.

  • Zeroize the HSM appliance

1. To perform this, we need to log in to the control (client) instance.

2. Then, we can connect to the HSM appliance over SSH. For that, we run:

$ ssh -i private_key_file [email protected]_ip_address

Here the private_key_file is the HSM’s private key file and hsm_ip_address is the IP address of the HSM appliance.

3. After that, we run the following command:

lunash:> hsm login

4. Intentionally we can enter an incorrect administrator password three times in a row.

An attempt to log in with the wrong password eventually zeroizes the HSM appliance.

  • De-provision the HSM appliance

For this step, we use the delete-hsm command or the DeleteHsm AWS CloudHSM API command.

We can run the DescribeHsm API call command to confirm that the device successfully de-provisions.

Then we verify that the device is in the TERMINATED state.

Any other state indicates that the HSM appliance failed to zeroize before it was de-provisioned, and the billing will continue.

[Finding it difficult? We are here to assist you]



In short, we saw how our Support Techs clear the CloudHSM query for our customers.


Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.



Submit a Comment

Your email address will not be published. Required fields are marked *