diff --git a/docker/barbican/barbican-base/Dockerfile.j2 b/docker/barbican/barbican-base/Dockerfile.j2
index 057cfe08e4..b872a37d92 100644
--- a/docker/barbican/barbican-base/Dockerfile.j2
+++ b/docker/barbican/barbican-base/Dockerfile.j2
@@ -7,7 +7,7 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 {% import "macros.j2" as macros with context %}
-{{ macros.configure_user(name='barbican', groups='nfast') }}
+{{ macros.configure_user(name='barbican', groups='nfast,hsmusers') }}
 {{ macros.install_packages(barbican_base_packages | customizable("packages")) }}
diff --git a/kolla/common/users.py b/kolla/common/users.py
index 2675ae80a9..9468396e42 100644
--- a/kolla/common/users.py
+++ b/kolla/common/users.py
@@ -341,5 +341,9 @@ USERS = {
 'opensearch-dashboards-user': {
 'uid': 42492,
 'gid': 42492,
+ },
+ 'hsmusers-user': {
+ 'uid': 42493, # This is not used, but the group ID is required.
+ 'gid': 42493,
 }
 }
diff --git a/releasenotes/notes/fix-luna-hsm-deployment-permissions-issue-dfc2d8c92d2eaf57.yaml b/releasenotes/notes/fix-luna-hsm-deployment-permissions-issue-dfc2d8c92d2eaf57.yaml
new file mode 100644
index 0000000000..d1dbb66716
--- /dev/null
+++ b/releasenotes/notes/fix-luna-hsm-deployment-permissions-issue-dfc2d8c92d2eaf57.yaml
@@ -0,0 +1,10 @@
+---
+fixes:
+ - |
+ Fixes a bug with Thales Luna HSM deployments.
+ The new client software version requires the use of a specific group
+ called "hsmusers", and for consistency reasons, we are specifying
+ both, the user id and the group id, and inserting the Barbican username
+ inside of such a group.
+ More information can be found at
+ `LP#Luna `__
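Review bot: The `configure_user` call now puts `barbican` into `hsmusers` in every image built from barbican-base, whether or not the deployment uses a Luna HSM, and nothing on the line says why the group is there. Under least privilege, a supplementary group that gates access to HSM client material deserves at least a comment so that a later cleanup does not drop it or widen it unknowingly. I would add `{# hsmusers: group required by the Thales Luna HSM client software #}` directly above the call. If the build system has a way to make the group list configurable, that would be the better long-term shape, but that is outside what this hunk shows.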
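Review bot: The inline comment on the `'uid'` line of the new `'hsmusers-user'` entry says the value is unused, but not why the entry exists or what the GID has to agree with. Membership in the group only helps if 42493 is also the group owner of the Luna client files the container reads, and nothing in this hunk shows where that match is enforced. Presumably it is handled on the host or in the deployment tooling. I would reword the comment to `# Placeholder: no hsmusers account is used; this entry only reserves GID 42493 for the group.` and state the ownership requirement in the release note. The `USERS` dict starts outside the hunk.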